VizSEC 2007: Proceedings of the Workshop on Visualization by John R. Goodall, Gregory Conti, Kwan-Liu Ma


Networked computers are ubiquitous, and are subject to attack, misuse, and abuse. One way to counteract this cyber threat is to provide security analysts with better tools to discover patterns, detect anomalies, identify correlations, and communicate their findings. Visualization for computer security (VizSec) researchers and developers are doing just that. VizSec is about putting robust information visualization tools into the hands of human analysts to take advantage of the power of the human perceptual and cognitive processes in solving computer security problems. This volume collects the papers presented at the 4th International Workshop on Computer Security - VizSec 2007.


Similar graph theory books

Managing and Mining Graph Data

Managing and Mining Graph Data is a comprehensive survey book in graph management and mining. It contains extensive surveys on a variety of important graph topics such as graph languages, indexing, clustering, data generation, pattern mining, classification, keyword search, pattern matching, and privacy. It also studies a number of domain-specific scenarios such as stream mining, web graphs, social networks, chemical and biological data. The chapters are written by well-known researchers in the field, and provide a broad perspective of the area. This is the first comprehensive survey book in the emerging topic of graph data processing.

Managing and Mining Graph Data is designed for a varied audience composed of professors, researchers and practitioners in industry. This volume is also suitable as a reference book for advanced-level database students in computer science and engineering.

Tree lattices

Group actions on trees furnish a unified geometric way of recasting the chapter of combinatorial group theory dealing with free groups, amalgams, and HNN extensions. Some of the principal examples arise from rank one simple Lie groups over a non-archimedean local field acting on their Bruhat--Tits trees.

Genetic Theory for Cubic Graphs

This book was motivated by the notion that some of the underlying difficulty in challenging instances of graph-based problems (e.g., the Traveling Salesman Problem) may be “inherited” from simpler graphs which – in an appropriate sense – could be seen as “ancestors” of the given graph instance. The authors propose a partitioning of the set of unlabeled, connected cubic graphs into disjoint subsets named genes and descendants, where the cardinality of the descendants dominates that of the genes.

Extra resources for VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security

Example text

During the first stage, a CND analyst acquires data about the monitored environment, which is typical of the perceptual stage of situation awareness. As the analyst performs triage on interesting activity, comprehension begins. An analyst assembles and integrates data to form a mental model of how the interesting activity might represent an attacker’s action. By testing hypotheses through additional data and input from colleagues, an analyst modifies and clarifies his mental model. By the end of the first stage, when the analyst decides whether to escalate, the focus shifts from perception to comprehension.

We focused on CND analysts who look at network traffic and related data to determine whether the information assets are under attack and who the attacker is. To collect data, we used a combination of four knowledge capture techniques: semi-structured interviews, observations, review of critical incidents and hypothetical scenario construction. In semi-structured interviews, the researcher guided discussion with an analyst by using a checklist of questions, yet also used wide latitude to encourage the subject to describe the day-to-day work in detail.

Expanding on the example of incident reports, the value of CND visualization is strengthened when contextual data are immediately available for viewing. , “Hot IP” lists, prior incident reports) information that speeds situation awareness. In the case of “Hot IP” lists, CND organizations frequently maintain a changing list of IP addresses of particular interest. An analyst may also have a list related to his individual set of investigations. The analyst’s perception and comprehension will be improved if data visualizations automatically highlight IP addresses that appear on the organization’s list or his individual list.
