SYNEMA: VISUAL MONITORING OF NETWORK AND SYSTEM SECURITY SENSORS

Aline Bousquet, Patrice Clemente, Jean-François Lalande

2011

Abstract

This paper presents a new monitoring tool called SYNEMA that helps to visualize different types of alerts from well-known security sensors. The architecture of the proposed tool is distributed and centralizes the collected information in a lightweight visualizer. The front-end offers many display modes so that malicious activities can be seen clearly and the information collected at system, network and user level on the hosts can be monitored visually. The paper concludes with development perspectives on an auto-configurable plugin for visual correlation of attacks.



Paper Citation


in Harvard Style

Bousquet A., Clemente P. and Lalande J. (2011). SYNEMA: VISUAL MONITORING OF NETWORK AND SYSTEM SECURITY SENSORS. In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011) ISBN 978-989-8425-71-3, pages 375-378. DOI: 10.5220/0003516203750378


in Bibtex Style

@conference{secrypt11,
author={Aline Bousquet and Patrice Clemente and Jean-François Lalande},
title={SYNEMA: VISUAL MONITORING OF NETWORK AND SYSTEM SECURITY SENSORS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)},
year={2011},
pages={375-378},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003516203750378},
isbn={978-989-8425-71-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)
TI - SYNEMA: VISUAL MONITORING OF NETWORK AND SYSTEM SECURITY SENSORS
SN - 978-989-8425-71-3
AU - Bousquet A.
AU - Clemente P.
AU - Lalande J.
PY - 2011
SP - 375
EP - 378
DO - 10.5220/0003516203750378

