IDSRadar: a real-time visualization framework for IDS alerts

Cited by: 0
Authors
Ying Zhao
FangFang Zhou
XiaoPing Fan
Xing Liang
YongGang Liu
Affiliations
[1] Central South University, Information Science and Engineering School
[2] Hunan University of Finance & Economics, Laboratory of Networked Systems
Source
Science China Information Sciences | 2013 / Vol. 56
Keywords
visual analytics; information visualization; cyber security; IDS log; entropy
DOI
Not available
Abstract
An Intrusion Detection System (IDS) is an automated cyber security monitoring system that senses malicious activities. Unfortunately, an IDS often generates both a considerable number of alerts and false positives in its logs. Information visualization allows users to discover and analyze large amounts of information efficiently through visual exploration and interaction. Even with the aid of visualization, identifying attack patterns and recognizing false positives among a great number of alerts remain challenging. In this paper, a novel visualization framework for IDS alerts, IDSRadar, is proposed, which can monitor the network and give an overall view of the security situation in real time using a radial graph. IDSRadar utilizes five categories of entropy functions to quantitatively analyze irregular behavioral patterns, and combines interaction, filtering and drill-down to detect potential intrusions. In conclusion, IDSRadar is used to analyze the mini-challenges of the VAST Challenge 2011 and 2012.
Pages: 1 / 12
Number of pages: 11
Related papers
50 in total
[31]   Real-Time Simultaneous Energy and Information Transfer [J].
Tandon, Anshoo ;
Motani, Mehul ;
Varshney, Lay R. .
2015 IEEE INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY (ISIT), 2015, :1124-1128
[32]   Retina-U: A Two-Level Real-Time Analytics Framework for UHD Live Video Streaming [J].
Zhang, Wei ;
Jing, Yunpeng ;
Zhang, Yuan ;
Lin, Tao ;
Yan, Jinyao .
IEEE TRANSACTIONS ON BROADCASTING, 2024, 70 (02) :429-440
[33]   Comparing and Combining Interaction Data and Eye-tracking Data for the Real-time Prediction of User Cognitive Abilities in Visualization Tasks [J].
Conati, Cristina ;
Lalle, Sebastien ;
Rahman, Md Abed ;
Toker, Dereck .
ACM TRANSACTIONS ON INTERACTIVE INTELLIGENT SYSTEMS, 2020, 10 (02)
[34]   Glyph design for communication initiation in real-time human-automation collaboration [J].
Nylin, Magnus ;
Lundberg, Jonas ;
Bang, Magnus ;
Kucher, Kostiantyn .
VISUAL INFORMATICS, 2024, 8 (04) :23-35
[35]   Deep learning-based framework for real-time transient stability prediction under stealthy data integrity attacks [J].
Kesici, Mert ;
Mohammadpourfard, Mostafa ;
Aygul, Kemal ;
Genc, Istemihan .
ELECTRIC POWER SYSTEMS RESEARCH, 2023, 221
[36]   AutoMLP: A Framework for the Acceleration of Multi-Layer Perceptron Models on FPGAs for Real-Time Atrial Fibrillation Disease Detection [J].
Chen, Chao ;
da Silva, Bruno ;
Yang, Chenxi ;
Ma, Caiyun ;
Li, Jianqing ;
Liu, Chengyu .
IEEE TRANSACTIONS ON BIOMEDICAL CIRCUITS AND SYSTEMS, 2023, 17 (06) :1371-1386
[37]   An Enhanced Real-Time Intrusion Detection Framework Using Federated Transfer Learning in Large-Scale IoT Networks [J].
Harahsheh, Khawlah ;
Alzaqebah, Malek ;
Chen, Chung-Hao .
INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2024, 15 (12) :35-42
[38]   Real-time drone detection framework based on advanced texture feature extraction and pattern recognition model using GUI [J].
Hussen, Noha ;
Salem, Mofreh ;
Eldesouky, Ali I. ;
Sakr, Noha ;
Elghamrawy, Sally .
Neural Computing and Applications, 2025, 37 (05) :3435-3454
[39]   A computational framework for IoT security integrating deep learning-based semantic algorithms for real-time threat response [J].
Ranpara, Ripal ;
Patel, Shobhit K. ;
Kumar, Om Prakash ;
Al-Zahrani, Fahad Ahmed .
SCIENTIFIC REPORTS, 2025, 15 (01)
[40]   Detection, Tracking, and Visualization of Spatial Event Clusters for Real Time Monitoring [J].
Andrienko, Natalia ;
Andrienko, Gennady ;
Fuchs, Georg ;
Rinzivillo, Salvatore ;
Betz, Hans-Dieter .
PROCEEDINGS OF THE 2015 IEEE INTERNATIONAL CONFERENCE ON DATA SCIENCE AND ADVANCED ANALYTICS (IEEE DSAA 2015), 2015, :910-919