Situational awareness is a key concept in cyber-defence. Its goal is to make the user aware of different and complex aspects of the network he or she is monitoring. This paper proposes PERCIVAL, a novel visual analytics environment that contributes to situational awareness by allowing the user to understand the network security status and to monitor security events that are happening on the system. The proposed visualization allows for comparing the proactive security analysis with the actual attack progress, providing insights on the effectiveness of the mitigation actions the system has triggered against the attack and giving an overview of the possible attack's evolution. Moreover, the same visualization can be fruitfully used in the proactive analysis since it allows for getting details on computed attack paths and evaluating the mitigation actions that have been proactively computed by the system. A preliminary user study provided a positive feedback on the prototype implementation of the system. A video of the system is available at: https://youtu.be/uMpYCJCX95k.
PERCIVAL: Proactive and reactive attack and response assessment for cyber incidents using visual analytics / Angelini, Marco; Prigent, Nicolas; Santucci, Giuseppe. - STAMPA. - (2015), pp. 1-8. (Intervento presentato al convegno 12th IEEE Symposium on Visualization for Cyber Security, VizSec 2015 tenutosi a Chicago; United States nel 2015) [10.1109/VIZSEC.2015.7312764].
PERCIVAL: Proactive and reactive attack and response assessment for cyber incidents using visual analytics
ANGELINI, MARCO
;SANTUCCI, Giuseppe
2015
Abstract
Situational awareness is a key concept in cyber-defence. Its goal is to make the user aware of different and complex aspects of the network he or she is monitoring. This paper proposes PERCIVAL, a novel visual analytics environment that contributes to situational awareness by allowing the user to understand the network security status and to monitor security events that are happening on the system. The proposed visualization allows for comparing the proactive security analysis with the actual attack progress, providing insights on the effectiveness of the mitigation actions the system has triggered against the attack and giving an overview of the possible attack's evolution. Moreover, the same visualization can be fruitfully used in the proactive analysis since it allows for getting details on computed attack paths and evaluating the mitigation actions that have been proactively computed by the system. A preliminary user study provided a positive feedback on the prototype implementation of the system. A video of the system is available at: https://youtu.be/uMpYCJCX95k.| File | Dimensione | Formato | |
|---|---|---|---|
|
Angelini_PERCIVAL_2015.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
3.2 MB
Formato
Adobe PDF
|
3.2 MB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
