On the Visualization of Honeypot Data through Projection Techniques
نویسندگان
چکیده
A crucial aspect in network monitoring for security purposes is the visual inspection of traffic patterns, which chiefly provides the network manager with a synthetic and intuitive representation of the current situation. In keeping with this idea, neural projection techniques can adaptively map highdimensional data into a low-dimensional space, for the userfriendly visualization of data collected by different security tools. Different projection methods for the visual inspection of honeypot data are applied in this study, which may be seen as a complementary network security tool that sheds light on internal data structures through visual inspection. Empirical verification of the proposed projection methods was performed in an experimental domain where 1-month data sets were captured and stored for analysis. Experiments showed that whereas an Intrusion Detection System may only identify a low percentage of the malicious traffic, a deeper understanding of attack patterns could easily be gained by means of visual inspections. On the Visualization of Honeypot Data through Projection Techniques
منابع مشابه
Understanding Honeypot Data by an Unsupervised Neural Visualization
Neural projection techniques can adaptively map high-dimensional data into a low-dimensional space, for the user-friendly visualization of data collected by different security tools. Such techniques are applied in this study for the visual inspection of honeypot data, which may be seen as a complementary network security tool that sheds light on internal data structures through visual inspectio...
متن کاملA Hybrid Method for Segmentation and Visualization of Teeth in Multi-Slice CT scan Images
Introduction: Various computer assisted medical procedures such as dental implant, orthodontic planning, face, jaw and cosmetic surgeries require automatic quantification and volumetric visualization of teeth. In this regard, segmentation is a major step. Material and Methods: In this paper, inspired by our previous experiences and considering the anatomical knowledge of teeth and jaws, we prop...
متن کاملA Neural-Visualization IDS for Honeynet Data
Neural intelligent systems can provide a visualization of the network traffic for security staff, in order to reduce the widely known high false-positive rate associated with misuse-based Intrusion Detection Systems (IDSs). Unlike previous work, this study proposes an unsupervised neural models that generate an intuitive visualization of the captured traffic, rather than network statistics. The...
متن کاملVisualization of Misuse-Based Intrusion Detection: Application to Honeynet Data
This study presents a novel soft computing system that provides network managers with a synthetic and intuitive representation of the situation of the monitored network, in order to reduce the widely known high false-positive rate associated to misuse-based Intrusion Detection Systems (IDSs). The proposed system is based on the use of different projection methods for the visual inspection of ho...
متن کاملA visual analytic approach for analyzing SSH honeypots
An SSH honeypot can be used to study the activities of an attacker by logging the full SSH session. In this paper we present an interactive visualization system that can be used by network security experts to visually analyze large sets of SSH honeypot data. By using different visualizations and interaction techniques the expert can explore SSH sessions and quickly find related sessions which w...
متن کامل