• Title/Summary/Keyword: security visualization

Search Result 137, Processing Time 0.02 seconds

A Real-Time and Statistical Visualization Methodology of Cyber Threats Based on IP Addresses (IP 주소 기반 사이버공격 실시간 및 통계적 가시화 방법)

  • Moon, Hyeongwoo;Kwon, Taewoong;Lee, Jun;Ryou, Jaecheol;Song, Jungsuk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.3
    • /
    • pp.465-479
    • /
    • 2020
  • Regardless of the domestic and foreign governments/companies, SOC (Security Operation Center) has operated 24 hours a day for the entire year to ensure the security for their IT infrastructures. However, almost all SOCs have a critical limitation by nature, caused from heavily depending on the manual analysis of human agents with the text-based monitoring architecture. Even though, in order to overcome the drawback, technologies for a comprehensive visualization against complex cyber threats have been studying, most of them are inappropriate for the security monitoring in large-scale networks. In this paper, to solve the problem, we propose a novel visual approach for intuitive threats monitoring b detecting suspicious IP address, which is an ultimate challenge in cyber security monitoring. The approach particularly makes it possible to detect, trace and analysis of suspicious IPs statistically in real-time manner. As a result, the system implemented by the proposed method is suitably applied and utilized to the real-would environment. Moreover, the usability of the approach is verified by successful detecting and analyzing various attack IPs.

Research on Intrusion Detection Visualization using Web Log Data set (웹 로그 데이터셋을 이용한 침입 상태 시각화 방안에 관한 연구)

  • Lee, Su-Young;Koo, Bon-Hyun;Cho, Jae-Ik;Cho, Kyu-Hyung;Moon, Jong-Sub
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 2007.02a
    • /
    • pp.134-137
    • /
    • 2007
  • 최근 인터넷 사용이 폭발적으로 증가함과 더불어 웹 어플리케이션에 대한 다양한 공격이 발생하고 있다 이런 다양한 웹 공격에 대해 방어를 위해서는 효율적인 침입탐지가 가능하여야 하며, 이상행위에 대해 신속하고 적절한 정보전달이 필요하다. 다양한 보안 이벤트들에 대한 시각화 시스템은 이를 만족시켜주는 수단이다. 본 논문에서는 선행 연구였던 웹 공격 기법에 대해 분석해보고 시각화 기법을 살펴본 후, 이를 개선하여 기존 시각화 기법으로는 표현하지 못했던 웹 로그 데이터셋에 기초한 웹 이상행위의 시각화기법을 제안한다. 웹 침입탐지 시각화 시스템을 바탕으로 다양한 웹 공격에 대한 시각화 실험결과를 제시한다.

  • PDF

An Log Visualization Method of Network Security Equipment for Private Information Security (개인정보 보호를 위한 네트워크 보안장비의 로그 가시화 방법 연구)

  • Sim, Hee-Youn;Kim, Hyung-Jong
    • Convergence Security Journal
    • /
    • v.8 no.4
    • /
    • pp.31-40
    • /
    • 2008
  • Recently, network forensic research which analyzes intrusion-related information for tracing of attackers, has been becoming more popular than disk forensic which analyzes remaining evidences in a system. Analysis and correlation of logs from firewall, IDS(Intrusion Detect System) and web server are important part in network forensic procedures. This work suggests integrated graphical user interface of network forensic for private information leakage detection. This paper shows the necessity of various log information for network forensic and a design of graphical user interface for security managers who need to monitor the leakage of private information.

  • PDF

Best Practices on Validation and Extraction of Object oriented Designs with Code Visualization Tool-chain (코드 가시화 툴체인 기반 UML 설계 추출 및 검증 사례)

  • Lee, Won-Young;Kim, Robert YoungChul
    • Journal of Internet Computing and Services
    • /
    • v.23 no.2
    • /
    • pp.79-86
    • /
    • 2022
  • This paper focuses on realizing design improvement and high quality through visualization of reverse engineering-based software. As new technologies and complex software emerge in various areas of the fourth industry in the future, software verification with both stability and reliability is becoming an issue. We propose a reverse engineering-based UML design extraction and visualization for high-quality software ranging from simple computational software to machine learning-based data-oriented software. Through this study, it is expected to improve software quality through design improvement by checking the accuracy of the target design and identifying the code complexity.

Visualization Model for Security Threat Data in Smart Factory based on Heatmap (히트맵 기반 스마트팩토리 보안위협 데이터 시각화 모델)

  • Jung, In-Su;Kim, Eui-Jin;Kwak, Jin
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2021.11a
    • /
    • pp.284-287
    • /
    • 2021
  • 4차 산업혁명으로 인해 제조산업에 인공지능, 빅데이터와 같은 ICT 기술을 활용한 스마트팩토리의 제조 공정 자동화 및 장치 고도화 연구가 진행되고 있다. 제조 공정 자동화를 위해 스마트팩토리의 각 계층별 장치들이 유기적으로 연결되고 있으며, 이로 인해 발생 가능한 보안위협도 증가하고 있다. 스마트팩토리에서는 SIEM 등의 장비가 보안위협 데이터를 수집·분석·시각화하여 대응하고 있다. 보안위협 데이터 시각화에는 그리드 뷰, 피벗 뷰, 그래프, 차트, 테이블을 활용한 대시보드 형태로 제공하고 있지만, 이는 스마트팩토리 전 계층의 보안위협 데이터 확인에 대한 가시성이 부족하다. 따라서, 본 논문에서는 스마트팩토리 보안위협 데이터를 CVSS 점수 기반의 Likelihood와 보안위협 데이터 기반의 Impact를 활용하여 위험도를 도출하고, 히트맵 기반 스마트팩토리 보안위협 데이터 시각화 모델을 제안한다.

Development of Linux CCE Vulnerability Diagnosis and Visualization System (리눅스 CCE 취약점 진단 및 시각화 시스템 개발)

  • Han-sun Kim;Eun-Ji Woo;Eun-Kyung Lee;Ho-Sim Jeong
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2023.05a
    • /
    • pp.140-141
    • /
    • 2023
  • 최근 클라우드 이용자 수의 급증에 따라 클라우드 상의 리눅스 환경 보안의 중요성이 대두되고 있다. 또한 클라우드 상의 리눅스 환경의 CCE(Common Configuration Enumeration) 취약점 보안 설정은 중요성의 비해 사용자들이 놓치는 경우가 많은 실정이다. 하지만 앞서 진행된 연구에는 리눅스 서버에 대한 보안 관리 방안으로 스크립트를 통한 진단방식 만을 제공하였다. 본 논문에서는 진단 쉘 스크립트 사용 및 진단 항목별 실시간 통계 분석, 시각화를 활용해 리눅스 환경을 향한 사이버 공격을 대비한다. 이후 보안 담당자들이 클라우드 취약점을 점검하는 데 유용한 도구가 될 것으로 사료된다.

보안과 비즈니스 요구, 그리고 시각화(Visualization)

  • Lee Yong-Gyun
    • Review of KIISC
    • /
    • v.16 no.2
    • /
    • pp.26-29
    • /
    • 2006
  • 정보의 시각화 연구는 결국 비즈니스와 연결되어 있다. 수많은 정보들로부터 비즈니스를 지켜내기 위한 거시적 관점의 시각화 요구를 충족하기 위한 노력이 필요하다. 기업의 다양하고 방대한 양의 위협정보들을 경영자의 의사결정과 행동에 옮길수 있도록 지원하는 수단으로서의 시각화 요구사항들을 살펴보고자 한다.

Algorithms for Classifying the Results at the Baccalaureate Exam-Comparative Analysis of Performances

  • Marcu, Daniela;Danubianu, Mirela;Barila, Adina;Simionescu, Corina
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.8
    • /
    • pp.35-42
    • /
    • 2021
  • In the current context of digitalization of education, the use of modern methods and techniques of data analysis and processing in order to improve students' school results has a very important role. In our paper, we aimed to perform a comparative study of the classification performances of AdaBoost, SVM, Naive Bayes, Neural Network and kNN algorithms to classify the results obtained at the Baccalaureate by students from a college in Suceava, during 2012-2019. To evaluate the results we used the metrics: AUC, CA, F1, Precision and Recall. The AdaBoost algorithm achieves incredible performance for classifying the results into two categories: promoted / rejected. Next in terms of performance is Naive Bayes with a score of 0.999 for the AUC metric. The Neural Network and kNN algorithms obtain scores of 0.998 and 0.996 for AUC, respectively. SVM shows poorer performance with the score 0.987 for AUC. With the help of the HeatMap and DataTable visualization tools we identified possible correlations between classification results and some characteristics of data.

Applying Information and Communication Technologies as A Scope of Teaching Activities and Visualization Techniques for Scientific Research

  • Viktoriya L. Pogrebnaya;Natalia O. Kodatska;Viktoriia D. Khurdei;Vitalii M. Razzhyvin;Lada Yu. Lichman;Hennadiy A. Senkevich
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.2
    • /
    • pp.193-198
    • /
    • 2023
  • The article focuses on the areas of education activities in using techniques for teaching and learning with information and communication technologies (ICTs), researching and analyzing the available ICTs, gearing the technologies to the specific psychological and pedagogical conditions, independently building and modeling ICTs, enlarging and developing their use in the learning environment. The visualization of scientific research has been determined to be part of the educational support for building students' ICT competence during teaching and learning and is essential to the methodology culture. There have been specified main tasks for pedagogy technologies (PTs) to develop the skills of adaptability to the global digital space in students, their effective database operation and using the data bases as necessary elements for learning and as part of professional training for research. We provided rationalization for implementing the latest ICTs into the Ukrainian universities' curricula, as well as creating modern methods for using the technologies in the learning / teaching process and scientific activities.

Research on functional area-specific technologies application of future C4I system for efficient battlefield visualization (미래 지휘통제체계의 효율적 전장 가시화를 위한 기능 영역별 첨단기술 적용방안)

  • Sangjun Park;Jungho Kang;Yongjoon Lee;Jeewon Kim
    • Convergence Security Journal
    • /
    • v.23 no.4
    • /
    • pp.109-119
    • /
    • 2023
  • C4I system is an integrated battlefield information system that automates the five elements of command, control, communications, computers, and information to efficiently manage the battlefield. C4I systems play an important role in collecting and analyzing enemy positions, situations, and operational results to ensure that all services have the same picture in real time and optimize command decisions and mission orders. However, the current C4I has limitations whenever a new weapon system is introduced, as it only provides battlefield visualization in a single area focusing on the battlefield situation for each military service. In a future battlefield that expands not only to land, sea, and air domains but also to cyber and space domains, improved command and control decisions will be possible if organic data from various weapon systems is gathered to quickly visualize the battlefield situation desired by the user. In this study, the visualization technology applicable to the future C4I system is divided into map area, situation map area, and display area. The technological implementation of this future C4I system is based on various data and communication means such as 5G networks, and is expected to enable hyper-connected battlefield visualization that utilizes a variety of high-quality information to enable realistic and efficient battlefield situation awareness.