http://dx.doi.org/10.13089/JKIISC.2015.25.1.61

Study on security log visualization and security threat detection using RGB Palette  

Lee, Dong-Gun (Korea University)
Kim, Huy Kang (Korea University)
Kim, Eunjin (Kyonggi University)
Abstract
To respond quickly to security threats that are increasing rapidly in both number and variety, security control personnel need to understand the threats reflected in the massive volume of logs generated by security devices such as firewalls and IDS. However, because human information-processing capability is limited, analyzing such a vast amount of security logs takes a long time. As a result, the detection of and response to security threats are delayed. Visualization is an effective way to solve this problem. This paper visualizes security logs using the RGB Palette, offering a quick and effective way to determine whether a security threat has occurred. The approach was applied empirically to the VAST Challenge 2012 dataset.
Keywords
security; visualization; RGB Palette; log; VAST Challenge