VAST 2012 mini-challenge 2

Chart- and matrix-based approach to network operations forensics

Jan Hildenbrand, Daniel Ionut Paval, Prakash Thapa, Christian Rohrdantz, Florian Mansmann, Enrico Bertini, Tobias Schreck

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.

    Original languageEnglish (US)
    Title of host publicationIEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings
    Pages287-288
    Number of pages2
    DOIs
    StatePublished - 2012
    Event2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012 - Seattle, WA, United States
    Duration: Oct 14 2012Oct 19 2012

    Other

    Other2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012
    CountryUnited States
    CitySeattle, WA
    Period10/14/1210/19/12

    Fingerprint

    Data mining
    Visualization
    Pixels
    Students
    Denial-of-service attack

    ASJC Scopus subject areas

    • Computer Science Applications
    • Computer Vision and Pattern Recognition

    Cite this

    Hildenbrand, J., Paval, D. I., Thapa, P., Rohrdantz, C., Mansmann, F., Bertini, E., & Schreck, T. (2012). VAST 2012 mini-challenge 2: Chart- and matrix-based approach to network operations forensics. In IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings (pp. 287-288). [6400513] https://doi.org/10.1109/VAST.2012.6400513

    VAST 2012 mini-challenge 2 : Chart- and matrix-based approach to network operations forensics. / Hildenbrand, Jan; Paval, Daniel Ionut; Thapa, Prakash; Rohrdantz, Christian; Mansmann, Florian; Bertini, Enrico; Schreck, Tobias.

    IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings. 2012. p. 287-288 6400513.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Hildenbrand, J, Paval, DI, Thapa, P, Rohrdantz, C, Mansmann, F, Bertini, E & Schreck, T 2012, VAST 2012 mini-challenge 2: Chart- and matrix-based approach to network operations forensics. in IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings., 6400513, pp. 287-288, 2012 IEEE Conference on Visual Analytics Science and Technology, VAST 2012, Seattle, WA, United States, 10/14/12. https://doi.org/10.1109/VAST.2012.6400513
    Hildenbrand J, Paval DI, Thapa P, Rohrdantz C, Mansmann F, Bertini E et al. VAST 2012 mini-challenge 2: Chart- and matrix-based approach to network operations forensics. In IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings. 2012. p. 287-288. 6400513 https://doi.org/10.1109/VAST.2012.6400513
    Hildenbrand, Jan ; Paval, Daniel Ionut ; Thapa, Prakash ; Rohrdantz, Christian ; Mansmann, Florian ; Bertini, Enrico ; Schreck, Tobias. / VAST 2012 mini-challenge 2 : Chart- and matrix-based approach to network operations forensics. IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings. 2012. pp. 287-288
    @inproceedings{4e3a18ed0c91430c9fe24eeea876fe3a,
    title = "VAST 2012 mini-challenge 2: Chart- and matrix-based approach to network operations forensics",
    abstract = "We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.",
    author = "Jan Hildenbrand and Paval, {Daniel Ionut} and Prakash Thapa and Christian Rohrdantz and Florian Mansmann and Enrico Bertini and Tobias Schreck",
    year = "2012",
    doi = "10.1109/VAST.2012.6400513",
    language = "English (US)",
    isbn = "9781467347532",
    pages = "287--288",
    booktitle = "IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings",

    }

    TY - GEN

    T1 - VAST 2012 mini-challenge 2

    T2 - Chart- and matrix-based approach to network operations forensics

    AU - Hildenbrand, Jan

    AU - Paval, Daniel Ionut

    AU - Thapa, Prakash

    AU - Rohrdantz, Christian

    AU - Mansmann, Florian

    AU - Bertini, Enrico

    AU - Schreck, Tobias

    PY - 2012

    Y1 - 2012

    N2 - We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.

    AB - We report the approach and results on the VAST 2012 MiniChallenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempt for sensitive information exchange and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.

    UR - http://www.scopus.com/inward/record.url?scp=84872956697&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84872956697&partnerID=8YFLogxK

    U2 - 10.1109/VAST.2012.6400513

    DO - 10.1109/VAST.2012.6400513

    M3 - Conference contribution

    SN - 9781467347532

    SP - 287

    EP - 288

    BT - IEEE Conference on Visual Analytics Science and Technology 2012, VAST 2012 - Proceedings

    ER -