ETRI-Knowledge Sharing Platform


Details

Journal article: An Efficient Network Attack Visualization Using Security Quad and Cube
Cited 6 times in Scopus. Downloaded 1 time.
Authors
장범환, 정치윤
Publication date
201010
Source
ETRI Journal, v.33 no.5, pp.770-779
ISSN
1225-6463
Publisher
한국전자통신연구원 (ETRI)
DOI
https://dx.doi.org/10.4218/etrij.11.0110.0570
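Funded project
10MS5100, Development of space-linked intrusion detection and response technology for protecting information assets of industrial facilities, 나중찬
Abstract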
Security quad and cube (SQC) is a network attack analyzer that is capable of aggregating many different events into a single significant incident and visualizing these events in order to identify suspicious or illegitimate behavior. A network administrator recognizes network anomalies by analyzing the traffic data and alert messages generated in the security devices; however, it takes a lot of time to inspect and analyze them because the security devices generate an overwhelming amount of logs and security events. In this paper, we propose SQC, an efficient method for analyzing network security through visualization. The proposed method monitors anomalies occurring in an entire network and displays detailed information of the attacks. In addition, by providing a detailed analysis of network attacks, this method can more precisely detect and distinguish them from normal events. © 2011 Optical Society of America.
Keywords
Network monitoring, Network security visualization, Security situational awareness
KSP suggested keywords
Detailed information, Network Attacks, Network anomaly, Security devices, Security situational awareness, alert messages, network monitoring, network security visualization, security event, traffic data