TY - GEN
T1 - Visual analysis of corporate network intelligence
T2 - 4th International Workshop on Computer Security, VizSec 2007
AU - Lalanne, D.
AU - Bertini, E.
AU - Hertzog, P.
AU - Bados, P.
PY - 2008
Y1 - 2008
N2 - This article proposes to go beyond the standard visualization application for security management, which is usually day-to-day monitoring. For this purpose, it introduces a pyramidal vision of the network intelligence and of the respective role of information visualization to support not only security engineers, but also analysts and managers. The paper first introduces our holistic vision and discusses the need to reduce the complexity of network data in order to abstract analysis and trends over time and further to convert decisions into actions. The article further introduces the analysis tasks we are currently tackling. The two following sections present two different ways to overview network data concentrating on specific dimensions of network security: user and application centric firstly, and alarm and temporal centric secondly. Finally this article concludes with the limitations and challenges introduced by our approach.
AB - This article proposes to go beyond the standard visualization application for security management, which is usually day-to-day monitoring. For this purpose, it introduces a pyramidal vision of the network intelligence and of the respective role of information visualization to support not only security engineers, but also analysts and managers. The paper first introduces our holistic vision and discusses the need to reduce the complexity of network data in order to abstract analysis and trends over time and further to convert decisions into actions. The article further introduces the analysis tasks we are currently tackling. The two following sections present two different ways to overview network data concentrating on specific dimensions of network security: user and application centric firstly, and alarm and temporal centric secondly. Finally this article concludes with the limitations and challenges introduced by our approach.
UR - http://www.scopus.com/inward/record.url?scp=84879360574&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84879360574&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84879360574
SN - 9783540782421
T3 - VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security
SP - 115
EP - 130
BT - VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security
Y2 - 29 October 2007 through 29 October 2007
ER -