DOI: 10.1145/2968220.2968221

IDSPlanet: A Novel Radial Visualization of Intrusion Detection Alerts

Published: 24 September 2016

Abstract

In this article, we present a novel radial visualization of IDS alerts, named IDSPlanet, which helps administrators identify false positives, analyze attack patterns, and understand evolving network conditions. Inspired by celestial bodies, IDSPlanet is composed of Chrono Rings, Alert Continents, and an Interactive Core. These components correspond to temporal features of alert types, patterns of behavior in affected hosts, and correlations amongst alert types, attackers and targets. The visualization provides an informative picture of the status of the network. In addition, IDSPlanet offers different interactions and monitoring modes, which allow users to interact with high-interest individuals in detail as well as to explore the overall pattern.

Cited By

  • (2020) Hyperion: A Visual Analytics Tool for an Intrusion Detection and Prevention System. IEEE Access 8, 133865-133881. DOI: 10.1109/ACCESS.2020.3010789. Online publication date: 2020

Published In

VINCI '16: Proceedings of the 9th International Symposium on Visual Information Communication and Interaction
September 2016
173 pages
ISBN: 9781450341493
DOI: 10.1145/2968220
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Cyber security
  2. IDS
  3. Visualization

Qualifiers

  • Short-paper
  • Research
  • Refereed limited

Conference

VINCI '16

Acceptance Rates

VINCI '16 Paper Acceptance Rate 14 of 42 submissions, 33%;
Overall Acceptance Rate 71 of 193 submissions, 37%
