A survey of security visualization for computer network logs
نویسندگان
چکیده
Network security is an important area in computer science. Although great efforts have already been made regarding security problems, networks are still threatened by all kinds of potential attacks, which may lead to huge damage and loss. Log files are main sources for security analysis. However, log files are not user friendly. It is laborious work to obtain useful information from log files. Compared with log files, visualization systems designed for security purposes provide more perceptive and effective sources for security analysis. Most security visualization systems are based on log files. In this paper, we provide a survey on visualization designs for computer network security. In this survey, we looked into different security visual analytics, and we organized them into five categories. Copyright © 2011 John Wiley & Sons, Ltd.
منابع مشابه
NetSecRadar: A Visualization System for Network Security Situational Awareness
Situational awareness is defined as the ability to effectively determine an overall computer network status based on relationships between security events in multiple dimensions. Unfortunately, as the lack of tools to synthetically analyze the security logs generated by kinds of network security products, such as NetFlow, Firewall and Host Security, it is difficult to monitor and perceive netwo...
متن کاملA Survey of Anomaly Detection Approaches in Internet of Things
Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...
متن کاملA Visualization Technique for Monitoring of Network Flow Data
Research and development of IDS (intrusion Detection System) is a hot topic for the purpose of security maintenance of computer network. We have already presented a technique for visualizing logs of IDS. However, the present IDS products detect only known suspicious accesses, and therefore we need an extended visualization technique if we would like to visualize the statistics of malicious acce...
متن کاملTudumi: Information Visualization System for Monitoring and Auditing Computer Logs
Computer security breaches are already a major problem in using computers. The most basic defense against it is to monitor and audit the computer logs. Computer logs, however, have a huge amount of textual data. It is, therefore, almost impossible to inspect them manually using current systems. We propose a log visualization system called “Tudumi”. Tudumi consists of several functions which ass...
متن کاملCyber Security Network Anomaly Detection and Visualization
In this Major Qualifying Project, we present a novel anomaly detection system for computer networks and a visualization system to help users explore network captures. The detection algorithm uses Robust Principal Component Analysis to produce a lower dimensional subspace of the original data for which a sparse matrix of outliers occurs. This low dimensional data subspace is determined by a nove...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Security and Communication Networks
دوره 5 شماره
صفحات -
تاریخ انتشار 2012