VAFLE: Visual analytics of firewall log events

Thumbnail Image

Files

avatar_scholar_128.png (2.73 KB)
9017-3-ghoniem.pdf (1.27 MB)

Date

2014

Authors

Journal Title

Journal ISSN

Volume Title

Type

Conference Paper

Publisher

Series Info

Proceedings of SPIE - The International Society for Optical Engineering
9017

Doi

https://doi.org/10.1117/12.2037790
 PubMed ID :

Scientific Journal Rankings

https://www.scimagojr.com/journalsearch.php?q=40067&tip=sid&clean=0

Abstract

In this work, we present VAFLE, an interactive network security visualization prototype for the analysis of firewall log events. Keeping it simple yet effective for analysts, we provide multiple coordinated interactive visualizations augmented with clustering capabilities customized to support anomaly detection and cyber situation awareness. We evaluate the usefulness of the prototype in a use case with network traffic datasets from previous VAST Challenges, illustrating its effectiveness at promoting fast and well-informed decisions. We explain how a security analyst may spot suspicious traffic using VAFLE. We further assess its usefulness through a qualitative evaluation involving network security experts, whose feedback is reported and discussed. � 2014 SPIE-IS&T.

Description

Scopus

Keywords

clustering, cyber security, firewall log, heatmap, user study, visual analytics

Citation

Full Text link

https://t.ly/NN8vO

Collections

Faculty Of Computer Science Research Paper