Asia-Pacific Symposium on Visualization (2007)
Feb. 5, 2007 to Feb. 7, 2007
S. Mukosaka , Graduate Sch. of Inf. Syst., Univ. of Electro-Commun.
H. Koike , Graduate Sch. of Inf. Syst., Univ. of Electro-Commun.
In monitoring security of enterprise or campus networks, detecting attacks from internal network to external network is becoming more and more important. After detecting such attacks, finding the location of the target PC is sometimes needed. This paper describes a visual security monitoring system for large-scale local area network. The system integrates three information, logical, temporal, and geographical information, in one 3D visualization. The system also provides effective interaction capabilities and filtering mechanism. IDS logs obtained at the computer center of our university were visualized, and typical examples such as botnet activities and SSH brute force attack were discussed
IP address, integrated visualization system, visual security monitoring system, large-scale local area network, logical information, temporal information, geographical information, 3D visualization, interaction capabilities, filtering mechanism
H. Koike and S. Mukosaka, "Integrated visualization system for monitoring security in large-scale local area network," Asia-Pacific Symposium on Visualisation 2007(APVIS), Sydney, NSW, 2007, pp. 41-44.