
Proceedings Paper

Efficient visualization of security events in a large agent society
Author(s): Dipankar Dasgupta; Jose Milet Rodriguez; Sankalp Balachandran

Paper Abstract

The paper describes the design and development of an efficient visualization tool, called the security console, for monitoring security-related events in a large agent society (Cougaar). This administrative tool is primarily used to collect and process alert messages generated by various sensors across the distributed agent society. The tool exploits the agents' hierarchical structure to aggregate security events in order to discover correlations among them. In particular, it logically groups related alerts from raw messages (removing duplicates, if any) and applies data mining techniques (such as association rules and frequency episode learning) to discover situations that have certain characteristics in common. We performed extensive experimentation with the security console in various attack scenarios that generate a large number of alert messages. The reported results show that this alert monitoring and correlation tool can provide a profile of the attack patterns that occur more frequently in the monitored agent society.

Paper Details

Date Published: 28 March 2005
PDF: 12 pages
Proc. SPIE 5812, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, (28 March 2005); doi: 10.1117/12.603240
Dipankar Dasgupta, Univ. of Memphis (United States)
Jose Milet Rodriguez, Univ. of Memphis (United States)
Sankalp Balachandran, Univ. of Memphis (United States)

Published in SPIE Proceedings Vol. 5812:
Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005
Belur V. Dasarathy, Editor(s)
