Abstract
This paper presents a graphical interface to identify hostile behavior in network logs. The problem of identifying and labeling hostile behavior is well known in the network security community. There is a lack of labeled datasets, which makes it difficult to deploy automated methods or to test the performance of manual ones. We describe the process of searching and identifying hostile behavior with a graphical tool derived from an open source Intrusion Prevention System, which graphically encodes features of network connections from a log-file. A design study with two network security experts illustrates the workflow of searching for patterns descriptive of unwanted behavior and labeling occurrences therewith.
Original language | English |
---|---|
Title | Proceedings of the 2017 ACM Workshop on Exploratory Search and Interactive Data Analytics |
Publisher | Association of Computing Machinery |
Pages | 51-54 |
Number of pages | 4 |
ISBN (electronic) | 978-145034903-1 |
DOIs | |
Publication status | Published - 2017 |
Event | ACM Workshop on Exploratory Search and Interactive Data Analytics: ESIDA 2017 - Limassol, Cyprus Duration: 13 March 2017 → … |
Workshop
Workshop | ACM Workshop on Exploratory Search and Interactive Data Analytics |
---|---|
Country/Territory | Cyprus |
City | Limassol |
Period | 13/03/17 → … |