A Survey of Visualization Tools Assessed for Anomaly-Based Intrusion Detection Analysis

Abstract

Security visualization remains a relatively immature term. The idea behind security visualization is the need for novel techniques that are fine-tuned to aid cyber security analysts in distinguishing benign from malicious data. Intrusion Detection Systems (IDS) aim to do just that, but their focus is more on detection capability than on presentation to the end user. For example, Snort logs a variety of information to a flat text file that requires additional parsing. The shortcoming of IDS is that no satisfactory solution for using visualization as an aid to intrusion detection (ID) has been developed and deployed. In particular, this report focuses on a survey of current visualization tools that can help make an IDS more deployable. From this assessment, we provide suggestions on visualization tool compatibilities that best meet the needs of anomaly-based intrusion detection analysis.

Document Details

Document Type: Technical Report
Publication Date: Apr 01, 2014
Accession Number: ADA601590

Entities

People

  • Renee E. Etoty
  • Robert F. Erbacher

Organizations

  • United States Army Research Laboratory

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Cognitive Systems Engineering
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computers
  • Data Transmission
  • Detection
  • Human-Computer Interaction
  • Information Science
  • Information Systems
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Military Research
  • Network Protocols
  • Three Dimensional

Fields of Study

  • Computer science

Readers

  • Computer Vision
  • Cybersecurity
  • Systems Analysis and Design

Technology Areas

  • Cyber