Visual filter: graphical exploration of network security log files
Is part of
Proceedings of the Eleventh Workshop on visualization for cyber security, 2014, pp. 41-48
Place / Publisher
ACM
Year of publication
2014
Source
ACM Digital Library Complete
Descriptions/Notes
Network log files often need to be investigated manually for suspicious activity. The huge number of log lines complicates maintaining an overview, navigation and quick pattern identification. We propose a system that uses an interactive visualization, a visual filter, representing the whole log in an overview, allowing users to navigate and make context-preserving subselections with the visualization and in this way reducing the time and effort security experts need to identify patterns in the log file. This explorative interactive visualization is combined with focused querying to search for known suspicious terms that are then highlighted in the visualization and the log file itself.