DOI: 10.1145/3038462.3038466

Visual Exploration of Network Hostile Behavior

Published: 13 March 2017

Abstract

This paper presents a graphical interface to identify hostile behavior in network logs. The problem of identifying and labeling hostile behavior is well known in the network security community. There is a lack of labeled datasets, which makes it difficult to deploy automated methods or to test the performance of manual ones. We describe the process of searching and identifying hostile behavior with a graphical tool derived from an open source Intrusion Prevention System, which graphically encodes features of network connections from a log-file. A design study with two network security experts illustrates the workflow of searching for patterns descriptive of unwanted behavior and labeling occurrences therewith.


Cited By

  • (2022) Datasets are not enough. Computers and Security 120:C. DOI: 10.1016/j.cose.2022.102810. Online publication date: 25-Aug-2022
  • (2019) Active learning approach to label network traffic datasets. Journal of Information Security and Applications 49:C. DOI: 10.1016/j.jisa.2019.102388. Online publication date: 1-Dec-2019
  • (2017) Exploratory Search and Interactive Data Analytics. Proceedings of the 22nd International Conference on Intelligent User Interfaces Companion (9-11). DOI: 10.1145/3030024.3040246. Online publication date: 7-Mar-2017

Published In

ESIDA '17: Proceedings of the 2017 ACM Workshop on Exploratory Search and Interactive Data Analytics
March 2017
82 pages
ISBN:9781450349031
DOI:10.1145/3038462
© 2017 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 March 2017

Author Tags

  1. intrusion detection
  2. network security
  3. visual analytics

Qualifiers

  • Short-paper

Funding Sources

  • ANPCYT - MINCYT
  • CONICET

Conference

IUI'17