  • DocumentCode
    1961495
  • Title
    Analytical Visualization Techniques for Security Information and Event Management
  • Author
    Novikova, Evgenia ; Kotenko, Igor
  • Author_Institution
    Lab. of Comput. Security Problems, St.Petersburg Inst. for Inf. & Autom., St. Petersburg, Russia
  • fYear
    2013
  • fDate
    Feb. 27 2013-March 1 2013
  • Firstpage
    519
  • Lastpage
    525
  • Abstract
    The paper proposes the architecture of the visualization component for the Security Information and Event Management (SIEM) system. The SIEM systems help to comprehend large amounts of the security data. Visualization is the essential part of the SIEM systems. The suggested architecture of the visualization component allows incorporating different visualization technologies and extending easily the application functionality. To illustrate the approach, we developed the prototype of the SIEM visualization component. The paper demonstrates the graphical user interface of the attack modeling component. To increase the efficiency of the visualization techniques we applied principles of the human information perception and interaction issues when designing graphical components.
  • Keywords
    data visualisation; graphical user interfaces; security of data; SIEM systems; analytical visualization techniques; attack modeling component; graphical components; graphical user interface; human information perception; interaction issues; security information and event management system; visualization component; Analytical models; Computer architecture; Data visualization; Image color analysis; Monitoring; Security; attack graph visualization; security information visualization; visualization framework;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Parallel, Distributed and Network-Based Processing (PDP), 2013 21st Euromicro International Conference on
  • Conference_Location
    Belfast
  • ISSN
    1066-6192
  • Print_ISBN
    978-1-4673-5321-2
  • Electronic_ISBN
    1066-6192
  • Type
    conf
  • DOI
    10.1109/PDP.2013.84
  • Filename
    6498600