Sciweavers

Share
ACSAC
2008
IEEE

Improving Security Visualization with Exposure Map Filtering

9 years 8 months ago
Improving Security Visualization with Exposure Map Filtering
Flow based analysis of network traffic is commonly used to analyze and understand security-related events. Graphical analysis helps analysts detect patterns or behaviors that would not be obvious in a text-based environment. The growing volume of network data generated and captured makes it increasingly difficult to detect increasingly sophisticated reconnaissance and stealthy network attacks. We propose a network flow filtering mechanism that leverages the exposure maps technique of Whyte et al. (2007), reducing the traffic for the visualization process according to the network services being offered. This allows focus to be limited to selected subsets of the network traffic, for example what might be categorized (correctly or otherwise) as the unexpected or potentially malicious portion. In particular, we use this technique to filter out traffic from sources that have not gained knowledge from the network in question. We evaluate the benefits of our technique on different visu...
Mansour Alsaleh, David Barrera, Paul C. van Oorsch
Added 28 May 2010
Updated 28 May 2010
Type Conference
Year 2008
Where ACSAC
Authors Mansour Alsaleh, David Barrera, Paul C. van Oorschot
Comments (0)
books