Efficient visualization of change events in enterprise networks

Author

Stewart, Andrew

Author_Institution

Equifax, Atlanta, GA

fYear

2006

fDate

Aug. 28 2006-Sept. 1 2006

Firstpage

1

Lastpage

6

Abstract

Change is a crucial property from a security perspective. The detection of change underpins many of the operational security activities that organizations typically carry out. For example, the essence of security monitoring is to detect changes, then analyze those changes in the context of the applicable security policy. Security tools are available to perform change detection at a host level. Such tools typically employ a local software agent, and identify changes that occur in the filesystem of the host. We describe a tool that performs a similar role in a network environment. The tool employs a variety of visualization techniques to efficiently communicate changes that occur in enterprise networks

Keywords

business communication; security of data; software agents; change detection; efficient change event visualization; enterprise networks; local software agent; operational security activities; security monitoring; security policy; security tools; Application software; Communication system security; Data visualization; Joining processes; Monitoring; Personnel; Process control; Robustness; Software standards; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Securecomm and Workshops, 2006

Conference_Location

Baltimore, MD

Print_ISBN

1-4244-0423-1

Electronic_ISBN

1-4244-0423-1

Type

conf

DOI

10.1109/SECCOMW.2006.359582

Filename

4198842