@inproceedings{24f1566e51704986831bb85ec0d8f69b,
title = "Situ: Situational understanding and discovery for cyber attacks",
abstract = "Our entry into the VAST 2012 Mini Challenge 2 is a streaming visual analytic system that scores events based on anomalousness and maliciousness and presents each event to the user in a user-defined groupings in animated small-multiple views. The anomaly detection algorithm identifies low probability events, supporting awareness regarding atypical traffic patterns on the network. The maliciousness classifier incorporates both situated knowledge of an environment (policy and machine roles) and domain knowledge (encoded in the IDS alerts). We discuss the visualization design and classification techniques, as well as provide examples of timely detection from the challenge dataset.",
keywords = "H.5.2 [Information Interfaces & Presentations]: User Interfaces - Graphical User Interfaces (GUI), I.3.6 [Methodology and Techniques]: Interaction Techniques",
author = "Lane Harrison and Jason Laska and Riley Spahn and Mike Iannacone and Evan Downing and Ferragut, {Erik M.} and Goodall, {John R.}",
year = "2012",
doi = "10.1109/VAST.2012.6400503",
language = "English",
isbn = "9781467347532",
series = "IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings",
pages = "307--308",
booktitle = "IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings",
note = "2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012 ; Conference date: 14-10-2012 Through 19-10-2012",
}