Abstract
Most visualizations of security-related network data require large amounts of finely detailed, high-dimensional data. However, in some cases, the data available can only be coarsely detailed because of security concerns or other limitations. How can interesting security events still be discovered in data that lacks important details, such as IP addresses, network security alarms, and labels? In this paper, we discuss a system we have designed that takes very coarsely detailed data-basic, summarized information of the activity on each TCP port during each given hour-and uses visualization to help uncover interesting security events.
Original language | English (US) |
---|---|
Title of host publication | VizSEC/DMSEC '04 |
Subtitle of host publication | Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security |
Pages | 73-81 |
Number of pages | 9 |
State | Published - Dec 1 2004 |
Event | VizSEC/DMSEC '04: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security - Washington, DC, United States Duration: Oct 29 2004 → Oct 29 2004 |
Other
Other | VizSEC/DMSEC '04: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security |
---|---|
Country | United States |
City | Washington, DC |
Period | 10/29/04 → 10/29/04 |
Keywords
- Information visualization
- Network security
- User interfaces
ASJC Scopus subject areas
- Engineering(all)