License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/DagSemProc.09211.5
URN: urn:nbn:de:0030-drops-21565
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2009/2156/


Sips, Mike ; Simon, Sascha ; Gerth, John

Interactive Exploration of the Network Behavior of Personal Machines



Abstract

Personal machines are often the weakest points within a large network. Although they run an ever-increasing number of network services, these machines are often controlled by users who are unaware of security threats. Thus, a well-informed attacker can, with modest effort, identify and gain control over personal machines. However, system administrators need to know the tools and techniques used for attacks while simultaneously needing to invest huge analytical efforts to detect malicious behavior in the vast volumes of network traffic. In our research project we investigate the idea that an understanding of the regular behavior of personal machines can improve the chance of detecting the point in time when a machine shows malicious behavior. We propose a visual exploration system based on a data abstraction layer and temporal visual representations of the network traffic. The data abstraction layer enables an interactive change in the level of detail of the network traffic while temporal visualizations help system administrators to detect unexpected network traffic. In the next phase of this project, we will conduct experiments to get a good feel for the limits of our system in detecting malicious behavior in real-world scenarios.

BibTeX - Entry

@InProceedings{sips_et_al:DagSemProc.09211.5,
  author =	{Sips, Mike and Simon, Sascha and Gerth, John},
  title =	{{Interactive Exploration of the Network Behavior of Personal Machines}},
  booktitle =	{Visualization and Monitoring of Network Traffic},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2009},
  volume =	{9211},
  editor =	{Daniel A. Keim and Aiko Pras and J\"{u}rgen Sch\"{o}nw\"{a}lder and Pak Chung Wong},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2009/2156},
  URN =		{urn:nbn:de:0030-drops-21565},
  doi =		{10.4230/DagSemProc.09211.5},
  annote =	{Keywords: Visualization, Communication Patterns, Data Abstraction, Personal Machines}
}

Keywords: Visualization, Communication Patterns, Data Abstraction, Personal Machines
Collection: 09211 - Visualization and Monitoring of Network Traffic
Issue Date: 2009
Date of publication: 30.09.2009

