Visualization Techniques for Computer Network Defense

Authors

  • Justin M. Beaver
  • Chad A. Steed
  • Robert M. Patton
  • Xiaohui Cui
  • Matthew Schultz
Abstract

Effective visual analysis of computer network defense (CND) information is challenging due to the volume and complexity of both the raw and analyzed network data. A typical CND is comprised of multiple niche intrusion detection tools, each of which performs network data analysis and produces a unique alerting output. The state-of-the-practice in the situational awareness of CND data is the prevalent use of custom-developed scripts by Information Technology (IT) professionals to retrieve, organize, and understand potential threat events. We propose a new visual analytics framework, called the Oak Ridge Cyber Analytics (ORCA) system, for CND data that allows an operator to interact with all detection tool outputs simultaneously. Aggregated alert events are presented in multiple coordinated views with timeline, cluster, and swarm model analysis displays. These displays are complemented with both supervised and semi-supervised machine learning classifiers. The intent of the visual analytics framework is to improve CND situational awareness, to enable an analyst to quickly navigate and analyze thousands of detected events, and to combine sophisticated data analysis techniques with interactive visualization such that patterns of anomalous activities may be more easily identified and investigated.


Similar resources

A new approach for data visualization problem

Data visualization is the process of transforming data, information, and knowledge into visual form, making use of humans’ natural visual capabilities which reveals relationships in data sets that are not evident from the raw data, by using mathematical techniques to reduce the number of dimensions in the data set while preserving the relevant inherent properties. In this paper, we formulated d...


A Hybrid Method for Segmentation and Visualization of Teeth in Multi-Slice CT scan Images

Introduction: Various computer assisted medical procedures such as dental implant, orthodontic planning, face, jaw and cosmetic surgeries require automatic quantification and volumetric visualization of teeth. In this regard, segmentation is a major step. Material and Methods: In this paper, inspired by our previous experiences and considering the anatomical knowledge of teeth and jaws, we prop...


An Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation

Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks. A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’...


Fault Identification using end-to-end data by imperialist competitive algorithm

Faults in computer networks may result in millions of dollars in cost. Faults in a network need to be localized and repaired to keep the health of the network. Fault management systems are used to keep today’s complex networks running without significant cost, either by using active techniques or passive techniques. In this paper, we propose a novel approach based on imperialist competitive alg...



Publication date: 2011