Share Email Print
cover

Proceedings Paper

VAFLE: visual analytics of firewall log events
Author(s): Mohammad Ghoniem; Georgiy Shurkhovetskyy; Ahmed Bahey; Benoît Otjacques
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

In this work, we present VAFLE, an interactive network security visualization prototype for the analysis of firewall log events. Keeping it simple yet effective for analysts, we provide multiple coordinated interactive visualizations augmented with clustering capabilities customized to support anomaly detection and cyber situation awareness. We evaluate the usefulness of the prototype in a use case with network traffic datasets from previous VAST Challenges, illustrating its effectiveness at promoting fast and well-informed decisions. We explain how a security analyst may spot suspicious traffic using VAFLE. We further assess its usefulness through a qualitative evaluation involving network security experts, whose feedback is reported and discussed.

Paper Details

Date Published: 3 February 2014
PDF: 15 pages
Proc. SPIE 9017, Visualization and Data Analysis 2014, 901704 (3 February 2014); doi: 10.1117/12.2037790
Show Author Affiliations
Mohammad Ghoniem, Ctr. de Recherche Public - Gabriel Lippmann (Luxembourg)
Georgiy Shurkhovetskyy, Modern Sciences and Arts Univ. (Egypt)
Ahmed Bahey, Nile Univ. (Egypt)
Benoît Otjacques, Ctr. de Recherche Public - Gabriel Lippmann (Luxembourg)


Published in SPIE Proceedings Vol. 9017:
Visualization and Data Analysis 2014
Pak Chung Wong; David L. Kao; Ming C. Hao; Chaomei Chen, Editor(s)

© SPIE. Terms of Use
Back to Top