Abstract | ||
---|---|---|
Manual analysis of security-related events is still a necessity to investigate non-trivial cyber attacks. This task is particularly hard when the events involve slow, stealthy and large-scale activities typical of the modern cybercriminals' strategy. In this regard, visualization tools can effectively help analysts in their investigations. In this paper, we present BURN, an interactive visualization tool for displaying autonomous systems exhibiting rogue activity that helps at finding misbehaving networks through visual and interactive exploration. Up to seven values are displayed in a single visual element, while avoiding cumbersome and confusing maps. To this end, animations and alpha channels are leveraged to create simple views that highlight relevant activity patterns. In addition, BURN incorporates a simple algorithm to identify migrations of nefarious services across autonomous systems, which can support, for instance, root-cause analysis and law enforcement investigations. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1145/2016904.2016910 | VizSEC |
Keywords | Field | DocType |
highlight relevant activity pattern,simple view,autonomous system,manual analysis,simple algorithm,interactive exploration,interactive visualization tool,unknown rogue network,root-cause analysis,rogue activity,large-scale activity,interactive visualization,decision model,visual analytics,information security,root cause analysis,visualization | Data mining,Computer security,Visualization,Computer science,Information security,Visual analytics,Communication channel,Interactive visualization,Autonomous system (Internet),Decision model,Law enforcement | Conference |
Citations | PageRank | References |
7 | 0.47 | 6 |
Authors | ||
6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Francesco Roveta | 1 | 7 | 0.47 |
Giorgio Caviglia | 2 | 8 | 0.86 |
Luca Di Mario | 3 | 7 | 0.47 |
Stefano Zanero | 4 | 736 | 53.78 |
Federico Maggi | 5 | 524 | 37.68 |
Paolo Ciuccarelli | 6 | 40 | 5.46 |