Study on security log visualization and security threat detection using RGB Palette

Authors: Dong-Gun Lee, Huy Kang Kim, Eunjin Kim

DOI: 10.13089/JKIISC.2015.25.1.61

Abstract: In order to respond quickly to security threats that are increasing rapidly and in variety, control personnel need to understand the threat from a massive amount of logs generated by devices such as firewalls and IDS. However, due to the limitations of the information processing capability of humans, it takes a lot of time to analyze vast security logs. As a result, there is the problem that detection and response are delayed. Visualization is an effective way to solve this problem. This paper visualizes the log using an RGB Palette, offering a quick way to know whether a threat has occurred. The method was applied empirically to the VAST Challenge 2012 dataset.

Keywords: security, visualization, log

I. Introduction. 1.1 Research background and research purpose: the attack on broadcasters and the financial sector on March 20, 2013

Received (September 30, 2014), Revised (December 16, 2014), Accepted (2014, day 23)

* This paper was carried out as a research result of the University IT Research Center development support program of the Ministry of Science, ICT and Future Planning, National IT Industry Promotion Agency.

References (20)
Pin Ren, Yan Gao, Zhichun Li, Yan Chen, B. Watson. IDGraphs: intrusion detection and analysis using histographs. Visualization for Computer Security, pp. 5-5 (2005). DOI: 10.1109/VIZSEC.2005.7
C. Muelder, Kwan-Liu Ma, T. Bartoletti. A visualization methodology for characterization of network scans. Visualization for Computer Security, pp. 4-4 (2005). DOI: 10.1109/VIZSEC.2005.2
R.F. Erbacher, K. Christensen, A. Sundberg. Designing visualization capabilities for IDS challenges. Visualization for Computer Security, pp. 15-15 (2005). DOI: 10.1109/VIZSEC.2005.5
Hyunsang Choi, Heejo Lee, Hyogon Kim. Fast detection and visualization of network attacks on parallel coordinates. Computers & Security, vol. 28, pp. 276-288 (2009). DOI: 10.1016/J.COSE.2008.12.003
Yussif Barcelos, Flavia Aburjaile, Laura R Leite, Solange T Oliveira, Raquel C de Melo-Minardi. Combining traditional and high-density visualizations in a dashboard to network health monitoring. Visual Analytics Science and Technology, pp. 295-296 (2012). DOI: 10.1109/VAST.2012.6400509
Lane Harrison, Jason Laska, Riley Spahn, Mike Iannacone, Evan Downing, Erik M. Ferragut, John R. Goodall. Situ: Situational understanding and discovery for cyber attacks. Visual Analytics Science and Technology, pp. 307-308 (2012). DOI: 10.1109/VAST.2012.6400503
Yong Cao, Reese Moore, Peng Mi, Alex Endert, Chris North, Randy Marchany. Dynamic analysis of large datasets with animated and correlated views: VAST 2012 Mini Challenge # award: Honorable mention for good use of coordinated displays. Visual Analytics Science and Technology, pp. 283-284 (2012). DOI: 10.1109/VAST.2012.6400515
Jan Hildenbrand, Daniel-Ionut Paval, Prakash Thapa, Christian Rohrdantz, Florian Mansmann, Enrico Bertini, Tobias Schreck. VAST 2012 Mini-Challenge 2: Chart- and Matrix-based approach to network operations forensics. Visual Analytics Science and Technology, pp. 287-288 (2012). DOI: 10.1109/VAST.2012.6400513
David Barrera, Paul C van Oorschot. Accommodating IPv6 Addresses in Security Visualization Tools. Information Visualization, vol. 10, pp. 107-116 (2011). DOI: 10.1057/IVS.2010.9
Mingyi Zhao, Chen Zhong, Richard Ciamaichelo, Michael Konek, Neela Sawant, Nicklaus A. Giacobe. Federating geovisual analytic tools for cyber security analysis. Visual Analytics Science and Technology, pp. 303-304 (2012). DOI: 10.1109/VAST.2012.6400505