{"title":"Data Visualization of Graph-Based Threat Detection System","authors":"Ilnaz Nikseresht, I. Traoré, A. Baniasadi","doi":"10.5121/csit.2022.120913","DOIUrl":null,"url":null,"abstract":"The Activity and Event Network Model (AEN) is a new security knowledge graph that leverages large dynamic uncertain graph theory to capture and analyze stealthy and longterm attack patterns. Because the graph is expected to become extremely large over time, it can be very challenging for security analysts to navigate it and identify meaningful information. We present different visualization layers deployed to improve the graph model’s presentation. The main goal is to build an enhanced visualization system that can more simply and effectively overlay different visualization layers, namely edge/node type, node property, node age, node’s probability of being compromised, and the threat horizon layer. Therefore, with the help of the developed layers, the network security analysts can identify suspicious network security events and activities as soon as possible.","PeriodicalId":91205,"journal":{"name":"Artificial intelligence and applications (Commerce, Calif.)","volume":"16 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-05-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Artificial intelligence and applications (Commerce, Calif.)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/csit.2022.120913","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
The Activity and Event Network Model (AEN) is a new security knowledge graph that leverages large dynamic uncertain graph theory to capture and analyze stealthy and long-term attack patterns. Because the graph is expected to become extremely large over time, it can be very challenging for security analysts to navigate it and identify meaningful information. We present different visualization layers deployed to improve the graph model’s presentation. The main goal is to build an enhanced visualization system that can more simply and effectively overlay different visualization layers, namely edge/node type, node property, node age, a node’s probability of being compromised, and the threat horizon layer. With the help of the developed layers, network security analysts can identify suspicious network security events and activities as soon as possible.