• Documents
  • Authors
  • Tables
  • Log in
  • Sign up
  • MetaCart
  • DMCA
  • Donate

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations | Disambiguate

Visual Assistance for Concurrent Processing (1998)

by Robert F Erbacher
Add To MetaCart

Tools

Sorted by:
Results 1 - 4 of 4

Visual Behavior Characterization for Intrusion and Misuse Detection

by Robert Erbacher, Deborah Frincke , 2001
"... As computer and network intrusions become more and more of a concern, the need for better capabilities to assist in the detection and analysis of intrusions also increases. System administrators typically rely on log files to analyze usage and detect misuse. However, as a consequence of the amount o ..."
Abstract - Cited by 7 (0 self) - Add to MetaCart
As computer and network intrusions become more and more of a concern, the need for better capabilities to assist in the detection and analysis of intrusions also increases. System administrators typically rely on log files to analyze usage and detect misuse. However, as a consequence of the amount of data collected by each machine, multiplied by the tens or hundreds of machines under the system administrator's auspices, the entirety of the data available is neither collected nor analyzed. This is compounded by the need to analyze network traffic data as well.

Visualization in detection of intrusions and misuse in large scale networks

by Robert F. Erbacher - In Proceedings of the International Conference on Information Visualisation, IEEE Computer Society, International Conference on Information Visualization (IV2000), IEEE , 2000
"... The Internet is quickly becoming entrenched in the communication and commercial sectors of everyday life. With this movement away from traditional fixed infrastructure we are also moving away from the traditional securities placed within fixed infrastructure. This has led to increasing numbers of at ..."
Abstract - Cited by 4 (0 self) - Add to MetaCart
The Internet is quickly becoming entrenched in the communication and commercial sectors of everyday life. With this movement away from traditional fixed infrastructure we are also moving away from the traditional securities placed within fixed infrastructure. This has led to increasing numbers of attacks designed to infiltrate or disrupt the activities being performed by companies and individuals on the Internet. We are exploring the applicability of visualization techniques in conjunction with a well-known intrusion detection system (Hummer) for the detection and analysis of misuse of computer systems connected to the Internet. The visualization techniques will allow users to identify the behavior of users connecting to the system and identify those whose intentions are unwelcome. 1.
(Show Context)

Citation Context

...l [12]. The techniques developed for these purposes do not provide sufficient detail for our needs. Other work has been geared towards visualizing systems for program analysis and program development =-=[13]-=-. These environments typically deal with small numbers of processors that are working on a single task and thus have a common grounding. This research into network usage has not been applied to networ...

Visual Network Forensic Techniques and Processes

by Robert F. Erbacher, Member Ieee, Kim Christiansen, A Sundberg
"... Abstract—Network forensics is the critical next step in the analysis of network attacks, intrusions, and misuses. It is the forensic process that will aid identification of what occurred and how. With the explosion in numbers and types of attacks it is critical that new techniques be developed to ai ..."
Abstract - Add to MetaCart
Abstract—Network forensics is the critical next step in the analysis of network attacks, intrusions, and misuses. It is the forensic process that will aid identification of what occurred and how. With the explosion in numbers and types of attacks it is critical that new techniques be developed to aid in the analysis of said attacks. For instance, with the recent widespread deployment of botnets, it is forensic techniques that will allow these botnets to be dissected to determine their extent, their capability, their control mechanisms, etc. In this paper we discuss visualization techniques designed around the analysis of network traffic data and tailored to the scalability issues intrinsic to such data. In conjunction with these techniques we discuss how these techniques fit into an analysts repertoire, how we foresee them being used, their advantages to the forensic process, and the process through which they will be effectively applied.
(Show Context)

Citation Context

...fficient detail or handle sufficient numbers of nodes and attributes in combination for our needs.. Other work has been geared towards visualizing systems for program analysis and program development =-=[7]-=-. 6. CONCLUSIONS We have developed techniques and processes for the forensic analysis of network traffic data. The process takes into account the complexity of real network forensics, the need for new...

unknown title

by Robert F. Erbacher
"... Visual monitoring environments, such as intrusion detection systems, debugging environments, and feature extraction systems, require that a user familiar with the target domain examine, most often continuously, the visual representation of the underlying data. This improves the efficiency of the ana ..."
Abstract - Add to MetaCart
Visual monitoring environments, such as intrusion detection systems, debugging environments, and feature extraction systems, require that a user familiar with the target domain examine, most often continuously, the visual representation of the underlying data. This improves the efficiency of the analysis but requires that the visualization expert work with the user to provide the information in an efficient form. How the users employ the environment and the type and quantity of data will also affect aspects of the environment. The goal is to develop a user centric view when designing the software and meet the unique needs of the user at hand. Our work with intrusion and misuse detection has led to the need to develop techniques geared for these users. This requires us to give up some typical metaphors familiar to visualization experts that would not be acceptable to the expected user base. We will discuss the issues involved in developing visualization techniques when the user is not a visualization expert, has preconceived notions or expectation of the visualization environment, and has needs that fall outside the normal expectations of the visualization expert.
(Show Context)

Citation Context

...l and subsequently resolves many fewer nodes and attributes than is needed for intrusion detection. Other work has been geared towards visualizing systems for program analysis and program development =-=[7]-=-. These environments typically deal with small numbers of processors that are working on a single task and thus have a common grounding. This research into network usage has not been applied to networ...

Powered by: Apache Solr
  • About CiteSeerX
  • Submit and Index Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2019 The Pennsylvania State University