Anomaly Detection Using Visualization-based Network Forensics
Jo, Woo-yeon (Ajou University)
Kim, Myung-jong (Ajou University)
Park, Keun-ho (Ajou University)
Hong, Man-pyo (Ajou University)
Kwak, Jin (Ajou University)
Shon, Taeshik (Ajou University)
1 | ICS-CERT, "ICS-CERT Monitor November-December 2015", Nov, 2016. |
2 | ICS Security Summit, "What's the DFIRence for ICS?", https://www.sans.org/event-downloads/42402/agenda.pdf, p.4, Feb. 2016 |
3 | IEEE Power and Energy Society, IEEE Standard for Electric Power Systems Communications - Distributed Network Protocol (DNP3), 2012 |
4 | NETRESEC, NetworkMiner, http://www.netresec.com/?page=NetworkMiner, 2016. |
5 | FireEye, Industrial Control Systems Health Check, https://www.fireeye.com/services/mandiant-industrial-control-system-gap-assessment.html, 2016. |
6 | Ahmed, Irfan, et al. "SCADA systems: Challenges for forensic investigators." Computer vol. 45, pp.44-51, Dec. 2012. |
7 | Promrit, Nuttachot, et al. "Multi-dimensional visualization for network forensic analysis." Networked Computing (INC), 2011 The 7th International Conference on. IEEE, Sept. 2011. |
8 | Abeyrathne, K. B., et al. "Visualization Tool for Network Forensics Analysis Using an Intrusion Detection System CyberViZ.", vol. 3, Dec. 2009. |
9 | van Riel, Jean-Pierre, and Barry Irwin. "InetVis, a visual tool for network telescope traffic analysis." Proceedings of the 4th international conference on Computer graphics, virtual reality, visualisation and interaction in Africa. ACM, pp. 85-89, Jan. 2006. |
10 | Blue, Ryan, et al. "Visualizing real-time network resource usage." Visualization for Computer Security. Springer Berlin Heidelberg, vol. 5210, pp. 119-135, Sept. 2008. |
11 | Digital Bond, Download the PCAP files to test the Quickdraw Signatures, http://www.digitalbond.com/tools/quickdraw/download/, 2016 |