TY - GEN
T1 - NV
T2 - 9th International Symposium on Visualization for Cyber Security, VizSec 2012
AU - Harrison, Lane
AU - Spahn, Riley
AU - Iannacone, Mike
AU - Downing, Evan
AU - Goodall, John R.
PY - 2012
Y1 - 2012
N2 - Network vulnerability is a critical component of network security. Yet vulnerability analysis has received relatively little attention from the security visualization community. This paper describes nv, a web-based Nessus vulnerability visualization. Nv utilizes treemaps and linked histograms to allow security analysts and systems administrators to discover, analyze, and manage vulnerabilities on their networks. In addition to visualizing single Nessus scans, nv supports the analysis of sequential scans by showing which vulnerabilities have been fixed, remain open, or are newly discovered. Nv operates completely in-browser, to avoid sending sensitive data to outside servers. We discuss the design of nv, as well as provide case studies demonstrating vulnerability analysis workflows which include a multiplenode testbed and data from the 2011 VAST Challenge.
AB - Network vulnerability is a critical component of network security. Yet vulnerability analysis has received relatively little attention from the security visualization community. This paper describes nv, a web-based Nessus vulnerability visualization. Nv utilizes treemaps and linked histograms to allow security analysts and systems administrators to discover, analyze, and manage vulnerabilities on their networks. In addition to visualizing single Nessus scans, nv supports the analysis of sequential scans by showing which vulnerabilities have been fixed, remain open, or are newly discovered. Nv operates completely in-browser, to avoid sending sensitive data to outside servers. We discuss the design of nv, as well as provide case studies demonstrating vulnerability analysis workflows which include a multiplenode testbed and data from the 2011 VAST Challenge.
KW - Cyber security
KW - Information visualization
KW - Security analysis
KW - Security visualization
KW - Vulnerability visualization
UR - http://www.scopus.com/inward/record.url?scp=84869045240&partnerID=8YFLogxK
U2 - 10.1145/2379690.2379694
DO - 10.1145/2379690.2379694
M3 - Conference contribution
AN - SCOPUS:84869045240
SN - 9781450314138
T3 - ACM International Conference Proceeding Series
SP - 25
EP - 32
BT - VizSec 2012 - Proceedings of the 9th International Symposium on Visualization for Cyber Security
Y2 - 15 October 2012 through 15 October 2012
ER -