Title :
Geovisual analytics for cyber security: Adopting the GeoViz Toolkit
Author :
Giacobe, Nicklaus A. ; Xu, Sen
Author_Institution :
Coll. of Inf. Sci. & Technol., Pennsylvania State Univ., University Park, PA, USA
Abstract :
For the VAST 2011 Network Security Mini-Challenge, we adopted geovisual analytic methods and applied them in the field of network security. We used the GeoViz Toolkit [1] to represent cyber security events, by fabricating a simple “geography” of several sets of blocks (one for the workstations, one for the servers, and one for the Internet) using ArcGIS 10 (by ESRI - Environmental System Research Institute). Security data was tabulated using Perl scripts to parse the logs in order to create representations of event frequency and where they occurred on the network. The tabulated security data was then added as attributes of the geography. Exploration of the data and subsequent analysis of the meaning and impact of the cyber security events was made possible using the GeoViz Toolkit.
Keywords :
Perl; data analysis; data visualisation; geographic information systems; security of data; ArcGIS 10; GeoViz Toolkit; Perl scripts; VAST 2011 Network Security MiniChallenge; cyber security; data security; geography; geovisual analytics method; network security; Computer security; Data visualization; Geography; Histograms; IP networks; Shape; Coordinated and multiple views; GeoViz Toolkit; cyber security; geovisual analytics; situation awareness;
Conference_Titel :
Visual Analytics Science and Technology (VAST), 2011 IEEE Conference on
Conference_Location :
Providence, RI
Print_ISBN :
978-1-4673-0015-5
DOI :
10.1109/VAST.2011.6102491
