Network Eye: End-to-End Computer Security Visualization

2004, Submitted for consideration at ACM CCS Workshop on Visualization and Data Mining for Computer Security (VizSec/DMSec)

Abstract

Visibility is crucial to managing and securing today's computers and networks. Visualization tools are a means to provide visibility into the invisible world of network computing. Many good tools exist that give administrators a view into parts of the total picture, but our year-long study of system administrators and their tools shows a strong need for end-to-end visualization of network activity that preserves the context of the information observed. End-to-end visualization will allow an administrator to focus on one ...
