Visualization of Host Behavior for Network Security

Lade...
Vorschaubild
Dateien
Visualization_of_Host_Behavior_for_Network_Security.pdf
Visualization_of_Host_Behavior_for_Network_Security.pdfGröße: 936.64 KBDownloads: 1052
Datum
2008
Autor:innen
Herausgeber:innen
Kontakt
ISSN der Zeitschrift
Electronic ISSN
ISBN
Bibliografische Daten
Verlag
Schriftenreihe
Auflagebezeichnung
ArXiv-ID
Internationale Patentnummer
Angaben zur Forschungsförderung
Projekt
Open Access-Veröffentlichung
Open Access Green
Core Facility der Universität Konstanz
Gesperrt bis
Titel in einer weiteren Sprache
Forschungsvorhaben
Organisationseinheiten
Zeitschriftenheft
Publikationstyp
Beitrag zu einem Konferenzband
Publikationsstatus
Published
Erschienen in
GOODALL, John R., ed., Gregory CONTI, ed., Kwan-Liu MA, ed.. VizSEC 2007. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, pp. 187-202. Mathematics and Visualization. ISBN 978-3-540-78242-1. Available under: doi: 10.1007/978-3-540-78243-8_13
Zusammenfassung

Monitoring host behavior in a network is one of the most essential tasks in the fields of network monitoring and security since more and more malicious code in the wild internet constantly threatens the network infrastructure. In this paper, we present a visual analytics tool that visualizes network host behavior through positional changes in a two dimensional space using a force-directed graph layout algorithm. The tool s interaction capabilities allow for visual exploration of network traffic over time and are demonstrated using netflow data as well as IDS alerts. Automatic accentuation of hosts with highly variable traffic results in fast hypothesis generation and confirmation of suspicious host behavior. By triggering the behavior graph from the HNMap tool, we were able to monitor more abstract network entities.

Zusammenfassung in einer weiteren Sprache
Fachgebiet (DDC)
004 Informatik
Schlagwörter
Konferenz
Rezension
undefined / . - undefined, undefined
Zitieren
ISO 690MANSMANN, Florian, Lorenz MEIER, Daniel A. KEIM, 2008. Visualization of Host Behavior for Network Security. In: GOODALL, John R., ed., Gregory CONTI, ed., Kwan-Liu MA, ed.. VizSEC 2007. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, pp. 187-202. Mathematics and Visualization. ISBN 978-3-540-78242-1. Available under: doi: 10.1007/978-3-540-78243-8_13
BibTex
@inproceedings{Mansmann2008Visua-5632,
  year={2008},
  doi={10.1007/978-3-540-78243-8_13},
  title={Visualization of Host Behavior for Network Security},
  isbn={978-3-540-78242-1},
  publisher={Springer Berlin Heidelberg},
  address={Berlin, Heidelberg},
  series={Mathematics and Visualization},
  booktitle={VizSEC 2007},
  pages={187--202},
  editor={Goodall, John R. and Conti, Gregory and Ma, Kwan-Liu},
  author={Mansmann, Florian and Meier, Lorenz and Keim, Daniel A.}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/5632">
    <dcterms:issued>2008</dcterms:issued>
    <dc:language>eng</dc:language>
    <dc:creator>Meier, Lorenz</dc:creator>
    <dcterms:title>Visualization of Host Behavior for Network Security</dcterms:title>
    <dcterms:rights rdf:resource="http://creativecommons.org/licenses/by-nc-nd/2.0/"/>
    <dc:rights>Attribution-NonCommercial-NoDerivs 2.0 Generic</dc:rights>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T15:57:20Z</dc:date>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:format>application/pdf</dc:format>
    <dc:contributor>Meier, Lorenz</dc:contributor>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T15:57:20Z</dcterms:available>
    <dc:contributor>Keim, Daniel A.</dc:contributor>
    <dcterms:abstract xml:lang="eng">Monitoring host behavior in a network is one of the most essential tasks in the fields of network monitoring and security since more and more malicious code in the wild internet constantly threatens the network infrastructure. In this paper, we present a visual analytics tool that visualizes network host behavior through positional changes in a two dimensional space using a force-directed graph layout algorithm. The tool s interaction capabilities allow for visual exploration of network traffic over time and are demonstrated using netflow data as well as IDS alerts. Automatic accentuation of hosts with highly variable traffic results in fast hypothesis generation and confirmation of suspicious host behavior. By triggering the behavior graph from the HNMap tool, we were able to monitor more abstract network entities.</dcterms:abstract>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
    <dcterms:bibliographicCitation>First publ. in: VizSEC 2007: proceedings of the Workshop on Visualization for Computer Security / John R. Goodall... (eds.). Berlin : Springer, 2008, pp. 187-202</dcterms:bibliographicCitation>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/5632/1/Visualization_of_Host_Behavior_for_Network_Security.pdf"/>
    <dc:creator>Mansmann, Florian</dc:creator>
    <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/5632/1/Visualization_of_Host_Behavior_for_Network_Security.pdf"/>
    <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/5632"/>
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <dc:creator>Keim, Daniel A.</dc:creator>
    <dc:contributor>Mansmann, Florian</dc:contributor>
  </rdf:Description>
</rdf:RDF>
Interner Vermerk
xmlui.Submission.submit.DescribeStep.inputForms.label.kops_note_fromSubmitter
Kontakt
URL der Originalveröffentl.
Prüfdatum der URL
Prüfungsdatum der Dissertation
Finanzierungsart
Kommentar zur Publikation
Allianzlizenz
Corresponding Authors der Uni Konstanz vorhanden
Internationale Co-Autor:innen
Universitätsbibliographie
Ja
Begutachtet
Diese Publikation teilen