ETRI-Knowledge Sharing Platform

Journal Article An Efficient Network Attack Visualization Using Security Quad and Cube
Cited 7 times in Scopus. Downloaded 1 time.
Authors
Beom-Hwan Chang, Chi Yoon Jeong
Issue Date
2010-10
Citation
ETRI Journal, v.33, no.5, pp.770-779
ISSN
1225-6463
Publisher
Electronics and Telecommunications Research Institute (ETRI)
Language
English
Type
Journal Article
DOI
https://dx.doi.org/10.4218/etrij.11.0110.0570
Project Code
10MS5100, Development of Intrusion detection and response technology based on the security convergence for protecting Information assets of Industrial facilitie, Na Jung-Chan
Abstract
Security quad and cube (SQC) is a network attack analyzer that is capable of aggregating many different events into a single significant incident and visualizing these events in order to identify suspicious or illegitimate behavior. A network administrator recognizes network anomalies by analyzing the traffic data and alert messages generated in the security devices; however, it takes a lot of time to inspect and analyze them because the security devices generate an overwhelming amount of logs and security events. In this paper, we propose SQC, an efficient method for analyzing network security through visualization. The proposed method monitors anomalies occurring in an entire network and displays detailed information of the attacks. In addition, by providing a detailed analysis of network attacks, this method can more precisely detect and distinguish them from normal events. © 2011 Optical Society of America.
KSP Keywords
Detailed information, Network Attacks, Network anomaly, Security devices, alert messages, network security, security event, traffic data