Comparing Two Techniques for Intrusion Visualization
نویسندگان
چکیده
Various techniques have been proposed to model attacks on systems. In order to understand such attacks and thereby propose efficient mitigations, the sequence of steps in the attack should be analysed thoroughly. However, there is a lack of techniques to represent intrusion scenarios across a system architecture. This paper proposes a new technique called misuse sequence diagrams (MUSD). MUSD represents the sequence of attacker interactions with system components and how they were misused over time by exploiting their vulnerabilities. The paper investigates MUSD in a controlled experiment with 42 students, comparing it with a similar technique called misuse case maps (MUCM). The results suggest that the two mostly perform equally well and they are complementary regarding architectural issues and temporal sequences of actions though MUSD was perceived more favourably.
منابع مشابه
Visualization Techniques for Intrusion Detection – a Survey
In traditional intrusion detection system (IDS) environments, little activity has been applied to using visual analysis as an aid to intrusion detection. With more information systems being attacked and attack techniques evolving, the task of detecting intrusions is becoming an increasingly difficult. Efficient information visualization is an important element required for urgent detection of i...
متن کاملI Data Management Designing a Visualization Framework for Multidimensional Data ______________________________ Visualization Viewpoints Raw Data User Tasks Data Set Management @bullet Mesh Simplification @bullet Data Mining @bullet Summarization
producing rapid advances in the diversity of research and in the scope of proposed techniques. Much of the initial focus in computer-based visualization concentrated on display algorithms, often for specific domains. For example, volume, flow, and terrain visualization techniques have generated significant insights into fundamental graphics and visualization theory, aiding the application exper...
متن کاملAnomaly Detection Using S Language Framework: Clustering and Visualization of Intrusive Attacks on Computer Systems
Many intrusion detection projects employ a multitude of statistical methods and machine learning techniques to achieve their goal. However there is a lack of a unified framework for developing, testing and comparing the results. This study introduces the S Language and its environment as a potential candidate for this unified framework, which can also be used to develop new methods, alter exist...
متن کاملNetwork Intrusion Visualization with NIVA, an Intrusion Detection Visual Analyzer with Haptic Integration
The explosive growth of malicious activities on worldwide communication networks, such as the Internet, has highlighted the need for efficient intrusion detection systems. The efficiency of traditional intrusion detection systems is limited by their inability to effectively relay relevant information due to their lack of interactive/immersive technologies. In this paper, we explore several netw...
متن کاملData Visualization Technique Framework for Intrusion detection
Network attacks have become the fundamental threat to today's largely interconnected computer system. Intrusion detection system (IDS) is indispensable to defend the system in the face of increasing vulnerabilities. While a number of information visualization software frameworks exist, creating new visualizations, especially those that involve novel visualization metaphors, interaction techniqu...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010