Abstract
We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.
| Original language | English (US) |
|---|---|
| Title of host publication | IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings |
| Pages | 287-288 |
| Number of pages | 2 |
| DOIs | |
| State | Published - 2012 |
| Event | 2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012 - Seattle, WA, United States Duration: Oct 14 2012 → Oct 19 2012 |
Other
| Other | 2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012 |
|---|---|
| Country | United States |
| City | Seattle, WA |
| Period | 10/14/12 → 10/19/12 |
Fingerprint
ASJC Scopus subject areas
- Computer Science Applications
- Computer Vision and Pattern Recognition
Cite this
VAST 2012 mini-challenge 2 : Chart- and matrix-based approach to network operations forensics. / Hildenbrand, Jan; Paval, Daniel Ionut; Thapa, Prakash; Rohrdantz, Christian; Mansmann, Florian; Bertini, Enrico; Schreck, Tobias.
IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings. 2012. p. 287-288 6400513.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - VAST 2012 mini-challenge 2
T2 - Chart- and matrix-based approach to network operations forensics
AU - Hildenbrand, Jan
AU - Paval, Daniel Ionut
AU - Thapa, Prakash
AU - Rohrdantz, Christian
AU - Mansmann, Florian
AU - Bertini, Enrico
AU - Schreck, Tobias
PY - 2012
Y1 - 2012
N2 - We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.
AB - We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.
UR - http://www.scopus.com/inward/record.url?scp=84872956697&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84872956697&partnerID=8YFLogxK
U2 - 10.1109/VAST.2012.6400513
DO - 10.1109/VAST.2012.6400513
M3 - Conference contribution
SN - 9781467347532
SP - 287
EP - 288
BT - IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings
ER -