Visualization of web form submissions for security analysis
International Journal of Web Information Systems
ISSN: 1744-0084
Article publication date: 14 June 2013
Abstract
Purpose
The purpose of this paper is to propose novel information visualization and interaction techniques to help security administrators analyze past web form submissions, with the goals of searching, inspecting, verifying, and understanding about malicious submissions.
Design/methodology/approach
The authors utilize well‐known visual design principles in the techniques to support the analysis process. They also implement a prototype and use it to investigate simulated normal and malicious web submissions.
Findings
The techniques can increase analysts' efficiency by displaying large amounts of information at a time, help analysts detect certain kinds of anomalies, and support the analyzing process via provided interaction capabilities.
Research limitations/implications
Due to resources constraints, the authors experimented on simulated data only, not real data.
Practical implications
The techniques can be used to investigate past web form submissions, which is a first step in analysing and understanding the current security situation and attackers' skills. The knowledge gained from this process can be used to plan for effective future defence strategy, e.g. by improving/fine‐tuning the attack signatures of an automatic intrusion detection system.
Originality/value
The visualization and interaction designs are the first visual analysis technique for security investigation of web form submissions.
Keywords
Citation
Tri Dang, T. and Khanh Dang, T. (2013), "Visualization of web form submissions for security analysis", International Journal of Web Information Systems, Vol. 9 No. 2, pp. 165-180. https://doi.org/10.1108/IJWIS-12-2012-0036
Publisher
:Emerald Group Publishing Limited
Copyright © 2013, Emerald Group Publishing Limited