Visual analysis of corporate network intelligence

Abstracting and reasoning on yesterdays for acting today

D. Lalanne, Enrico Bertini, P. Hertzog, P. Bados

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    This article proposes to go beyond the standard visualization application for security management, which is usually day-to-day monitoring. For this purpose, it introduces a pyramidal vision of the network intelligence and of the respective role of information visualization to support not only security engineers, but also analysts and managers. The paper first introduces our holistic vision and discusses the need to reduce the complexity of network data in order to abstract analysis and trends over time and further to convert decisions into actions. The article further introduces the analysis tasks we are currently tackling. The two following sections present two different ways to overview network data concentrating on specific dimensions of network security: user and application centric firstly, and alarm and temporal centric secondly. Finally this article concludes with the limitations and challenges introduced by our approach.

    Original languageEnglish (US)
    Title of host publicationVizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security
    Pages115-130
    Number of pages16
    StatePublished - 2008
    Event4th International Workshop on Computer Security, VizSec 2007 - Sacramento, CA, United States
    Duration: Oct 29 2007Oct 29 2007

    Other

    Other4th International Workshop on Computer Security, VizSec 2007
    CountryUnited States
    CitySacramento, CA
    Period10/29/0710/29/07

    Fingerprint

    Visualization
    Network security
    Managers
    Engineers
    Monitoring

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Safety, Risk, Reliability and Quality

    Cite this

    Lalanne, D., Bertini, E., Hertzog, P., & Bados, P. (2008). Visual analysis of corporate network intelligence: Abstracting and reasoning on yesterdays for acting today. In VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security (pp. 115-130)

    Visual analysis of corporate network intelligence : Abstracting and reasoning on yesterdays for acting today. / Lalanne, D.; Bertini, Enrico; Hertzog, P.; Bados, P.

    VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. 2008. p. 115-130.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Lalanne, D, Bertini, E, Hertzog, P & Bados, P 2008, Visual analysis of corporate network intelligence: Abstracting and reasoning on yesterdays for acting today. in VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. pp. 115-130, 4th International Workshop on Computer Security, VizSec 2007, Sacramento, CA, United States, 10/29/07.
    Lalanne D, Bertini E, Hertzog P, Bados P. Visual analysis of corporate network intelligence: Abstracting and reasoning on yesterdays for acting today. In VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. 2008. p. 115-130
    Lalanne, D. ; Bertini, Enrico ; Hertzog, P. ; Bados, P. / Visual analysis of corporate network intelligence : Abstracting and reasoning on yesterdays for acting today. VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. 2008. pp. 115-130
    @inproceedings{f07fb1a171a240e5b6be79cf5e19b522,
    title = "Visual analysis of corporate network intelligence: Abstracting and reasoning on yesterdays for acting today",
    abstract = "This article proposes to go beyond the standard visualization application for security management, which is usually day-to-day monitoring. For this purpose, it introduces a pyramidal vision of the network intelligence and of the respective role of information visualization to support not only security engineers, but also analysts and managers. The paper first introduces our holistic vision and discusses the need to reduce the complexity of network data in order to abstract analysis and trends over time and further to convert decisions into actions. The article further introduces the analysis tasks we are currently tackling. The two following sections present two different ways to overview network data concentrating on specific dimensions of network security: user and application centric firstly, and alarm and temporal centric secondly. Finally this article concludes with the limitations and challenges introduced by our approach.",
    author = "D. Lalanne and Enrico Bertini and P. Hertzog and P. Bados",
    year = "2008",
    language = "English (US)",
    isbn = "9783540782421",
    pages = "115--130",
    booktitle = "VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security",

    }

    TY - GEN

    T1 - Visual analysis of corporate network intelligence

    T2 - Abstracting and reasoning on yesterdays for acting today

    AU - Lalanne, D.

    AU - Bertini, Enrico

    AU - Hertzog, P.

    AU - Bados, P.

    PY - 2008

    Y1 - 2008

    N2 - This article proposes to go beyond the standard visualization application for security management, which is usually day-to-day monitoring. For this purpose, it introduces a pyramidal vision of the network intelligence and of the respective role of information visualization to support not only security engineers, but also analysts and managers. The paper first introduces our holistic vision and discusses the need to reduce the complexity of network data in order to abstract analysis and trends over time and further to convert decisions into actions. The article further introduces the analysis tasks we are currently tackling. The two following sections present two different ways to overview network data concentrating on specific dimensions of network security: user and application centric firstly, and alarm and temporal centric secondly. Finally this article concludes with the limitations and challenges introduced by our approach.

    AB - This article proposes to go beyond the standard visualization application for security management, which is usually day-to-day monitoring. For this purpose, it introduces a pyramidal vision of the network intelligence and of the respective role of information visualization to support not only security engineers, but also analysts and managers. The paper first introduces our holistic vision and discusses the need to reduce the complexity of network data in order to abstract analysis and trends over time and further to convert decisions into actions. The article further introduces the analysis tasks we are currently tackling. The two following sections present two different ways to overview network data concentrating on specific dimensions of network security: user and application centric firstly, and alarm and temporal centric secondly. Finally this article concludes with the limitations and challenges introduced by our approach.

    UR - http://www.scopus.com/inward/record.url?scp=84879360574&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84879360574&partnerID=8YFLogxK

    M3 - Conference contribution

    SN - 9783540782421

    SP - 115

    EP - 130

    BT - VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security

    ER -