Situ: Situational understanding and discovery for cyber attacks

Lane Harrison, Jason Laska, Riley Spahn, Mike Iannacone, Evan Downing, Erik M. Ferragut, John R. Goodall

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Scopus citations

Abstract

Our entry into the VAST 2012 Mini Challenge 2 is a streaming visual analytic system that scores events based on anomalousness and maliciousness and presents each event to the user in user-defined groupings in animated small-multiple views. The anomaly detection algorithm identifies low-probability events, supporting awareness of atypical traffic patterns on the network. The maliciousness classifier incorporates both situated knowledge of an environment (policy and machine roles) and domain knowledge (encoded in the IDS alerts). We discuss the visualization design and classification techniques, and provide examples of timely detection from the challenge dataset.

Original language: English
Title of host publication: IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings
Pages: 307-308
Number of pages: 2
State: Published - 2012
Event: 2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012 - Seattle, WA, United States
Duration: Oct 14 2012 → Oct 19 2012

Publication series

Name: IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings

Conference

Conference: 2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012
Country/Territory: United States
City: Seattle, WA
Period: 10/14/12 → 10/19/12

Keywords

  • H.5.2 [Information Interfaces & Presentations]: User Interfaces - Graphical User Interfaces (GUI)
  • I.3.6 [Methodology and Techniques]: Interaction Techniques
