1.
Ramalingam K. Chandrasekar, A. Selcuk Uluagac, Raheem Beyah
PROVIZ: An integrated visualization and programming framework for WSNs Conference Paper
In the proceedings of the 38th Annual IEEE Conference on ALocal Computer Networks Workshops (LCN Workshops), 2013.
Abstract | Links | BibTeX | Tags: IoT Security, Security Visualization
@conference{ChandrasekarPROVIZIEEE2013,
title = {PROVIZ: An integrated visualization and programming framework for WSNs},
author = {Ramalingam K. Chandrasekar and A. Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6758511/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the 38th Annual IEEE Conference on ALocal Computer Networks Workshops (LCN Workshops)},
abstract = {Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs. Independent of the functionalities provided by the WSN applications, many of the developers use visualization, simulation, and programming tools. However, these tools are designed as separate stand-alone applications, which force developers to use multiple tools. This situation often poses confusion and hampers an efficient development experience. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ, which is an integrated visualization and programming framework. In this paper, we explain the various features of PROVIZ's visualization and programming framework and discuss how PROVIZ can be used as a visual debugging tool to aid in providing a software fix.},
keywords = {IoT Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs. Independent of the functionalities provided by the WSN applications, many of the developers use visualization, simulation, and programming tools. However, these tools are designed as separate stand-alone applications, which force developers to use multiple tools. This situation often poses confusion and hampers an efficient development experience. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ, which is an integrated visualization and programming framework. In this paper, we explain the various features of PROVIZ's visualization and programming framework and discuss how PROVIZ can be used as a visual debugging tool to aid in providing a software fix.
2.
Troy Nunnally, Penyen Chi, Kulsoom Abdullah, A. Selcuk Uluagac, John A. Copeland, Raheem Beyah
P3D: A parallel 3D coordinate visualization for advanced network scans Conference Paper
In the proceedings of the IEEE International Conference on Communications (ICC), 2013.
Abstract | Links | BibTeX | Tags: Network Security, Security Visualization
@conference{NunnallyP3DIEEE2013,
title = {P3D: A parallel 3D coordinate visualization for advanced network scans},
author = {Troy Nunnally and Penyen Chi and Kulsoom Abdullah and A. Selcuk Uluagac and John A. Copeland and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6654828/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {As network attacks increase in complexity, network administrators will continue to struggle with analyzing security data immediately and efficiently. To alleviate these challenges, researchers are looking into various visualization techniques (e.g., two-dimensional (2D) and three-dimensional (3D)) to detect, identify, and analyze malicious attacks. This paper discusses the benefits of using a stereoscopic 3D parallel visualization techniques for network scanning, in particular, when addressing occlusion-based visualization attacks intended to confuse network administrators. To our knowledge, no 2D or 3D tool exists that analyzes these attacks. Hence, we propose a novel 3D Parallel coordinate visualization tool for advanced network scans and attacks called P3D. P3D uses flow data, filtering techniques, and state-of-the art 3D technologies to help network administrators detect distributed and coordinated network scans. Compared to other 2D and 3D network security visualization tools, P3D prevents occlusion-based visualization attacks (e.g., Windshield Wiper and Port Source Confusion attacks). We validate our tool with use-cases from emulated distributed scanning attacks. Our evaluation shows P3D allows users to extract new information about scans and minimize information overload by adding an extra dimension and awareness region in the visualization.},
keywords = {Network Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
As network attacks increase in complexity, network administrators will continue to struggle with analyzing security data immediately and efficiently. To alleviate these challenges, researchers are looking into various visualization techniques (e.g., two-dimensional (2D) and three-dimensional (3D)) to detect, identify, and analyze malicious attacks. This paper discusses the benefits of using a stereoscopic 3D parallel visualization techniques for network scanning, in particular, when addressing occlusion-based visualization attacks intended to confuse network administrators. To our knowledge, no 2D or 3D tool exists that analyzes these attacks. Hence, we propose a novel 3D Parallel coordinate visualization tool for advanced network scans and attacks called P3D. P3D uses flow data, filtering techniques, and state-of-the art 3D technologies to help network administrators detect distributed and coordinated network scans. Compared to other 2D and 3D network security visualization tools, P3D prevents occlusion-based visualization attacks (e.g., Windshield Wiper and Port Source Confusion attacks). We validate our tool with use-cases from emulated distributed scanning attacks. Our evaluation shows P3D allows users to extract new information about scans and minimize information overload by adding an extra dimension and awareness region in the visualization.
3.
Troy Nunnally, Kulsoom Abdullah, A. Selcuk Uluagac, John A. Copeland, Raheem Beyah
NAVSEC: A Recommender System for 3D Network Security Visualizations Conference Paper
In the proceedings of the 10th Workshop on Visualization for Cyber Security, 2013.
Abstract | Links | BibTeX | Tags: Network Security, Security Visualization
@conference{NunnallyNAVSECVizSec2013,
title = {NAVSEC: A Recommender System for 3D Network Security Visualizations},
author = {Troy Nunnally and Kulsoom Abdullah and A. Selcuk Uluagac and John A. Copeland and Raheem Beyah},
url = {https://dl.acm.org/doi/abs/10.1145/2517957.2517963},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the 10th Workshop on Visualization for Cyber Security},
abstract = {As network attacks increase in complexity, the ability to quickly analyze security data and mitigate the effect of these attacks becomes a difficult problem. To alleviate these challenges, researchers are looking into various two-dimensional (2D) and three-dimensional (3D) visualization tools to detect, identify, and analyze malicious attacks. These visualization tools often require advanced knowledge in networking, visualization, and information security to operate, navigate, and successfully examine malicious attacks. Novice users, deficient in the required advanced knowledge, may find navigation within these visualization tools difficult. Furthermore, expert users may be limited and costly. We discuss the use of a modern recommender system to aid in navigating within a complex 3D visualization for network security applications. We developed a visualization module called NAVSEC, a recommender system prototype for navigating in 3D network security visualization tools. NAVSEC recommends visualizations and interactions to novice users. Given visualization interaction input from a novice user and expert communities, NAVSEC is instrumental in reducing confusion for a novice user while navigating in a 3D visualization. We illustrate NAVSEC with a use-case from an emulated stealthy scanning attack disguised as a file transfer with multiple concurrent connections. We show that using NAVSEC, a novice user's visualization converges towards a visualization used to identify or detect a suspected attack by an expert user. As a result, NAVSEC can successfully guide the novice user in differentiating between complex network attacks and benign legitimate traffic with step-by-step created visualizations and suggested user interactions.},
keywords = {Network Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
As network attacks increase in complexity, the ability to quickly analyze security data and mitigate the effect of these attacks becomes a difficult problem. To alleviate these challenges, researchers are looking into various two-dimensional (2D) and three-dimensional (3D) visualization tools to detect, identify, and analyze malicious attacks. These visualization tools often require advanced knowledge in networking, visualization, and information security to operate, navigate, and successfully examine malicious attacks. Novice users, deficient in the required advanced knowledge, may find navigation within these visualization tools difficult. Furthermore, expert users may be limited and costly. We discuss the use of a modern recommender system to aid in navigating within a complex 3D visualization for network security applications. We developed a visualization module called NAVSEC, a recommender system prototype for navigating in 3D network security visualization tools. NAVSEC recommends visualizations and interactions to novice users. Given visualization interaction input from a novice user and expert communities, NAVSEC is instrumental in reducing confusion for a novice user while navigating in a 3D visualization. We illustrate NAVSEC with a use-case from an emulated stealthy scanning attack disguised as a file transfer with multiple concurrent connections. We show that using NAVSEC, a novice user's visualization converges towards a visualization used to identify or detect a suspected attack by an expert user. As a result, NAVSEC can successfully guide the novice user in differentiating between complex network attacks and benign legitimate traffic with step-by-step created visualizations and suggested user interactions.
4.
Troy Nunnally, A. Selcuk Uluagac, John A. Copeland, Raheem Beyah
3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for network security Conference Paper
In the proceedings of 37th Annual IEEE Conference on Local Computer Networks (LCN), 2012.
Abstract | Links | BibTeX | Tags: Network Security, Security Visualization
@conference{Nunnally3DSVATIEEE2012,
title = {3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for network security},
author = {Troy Nunnally and A. Selcuk Uluagac and John A. Copeland and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6423586/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of 37th Annual IEEE Conference on Local Computer Networks (LCN)},
abstract = {As the volume of network data continues to increase and networks become more complex, the ability to accurately manage and analyze data quickly becomes a difficult problem. Many network management tools already use two-dimensional (2D) and three-dimensional (3D) visualization techniques to help support decision-making and reasoning of network anomalies and activity. However, a poor user interface combined with the massive amount of data could obfuscate important network details. As a result, administrators may fail to detect and identify malicious network behavior in a timely manner. 3D visualizations address this challenge by introducing monocular and binocular visual cues to portray depth and to increase the perceived viewing area. In this work, we explore these cues for 3D network security applications, with a particular emphasis on binocular disparity or stereoscopic 3D. Currently, no network security tool takes advantage of the enhanced depth perception provided by stereoscopic 3D technologies for vulnerability assessment. Compared to traditional 3D systems, stereoscopic 3D helps improve the perception of depth, which can, in turn reduce the number of errors and increase response times of network administrators. Thus, we introduce a stereoscopic 3D visual Framework for Rendering Enhanced 3D Stereoscopic Visualizations for Network Security (FRE3DS). Our novel framework uses state-of-the art 3D graphics rendering to assist in 3D visualizations for network security applications. Moreover, utilizing our framework, we propose a new 3D Stereoscopic Vulnerability Assessment Tool (3DSVAT). We illustrate the use of 3DSVAT to assist in rapid detection and correlation of attack vulnerabilities in a subset of a modified local area network data set using the enhanced perception of depth in a stereoscopic 3D environment.},
keywords = {Network Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
As the volume of network data continues to increase and networks become more complex, the ability to accurately manage and analyze data quickly becomes a difficult problem. Many network management tools already use two-dimensional (2D) and three-dimensional (3D) visualization techniques to help support decision-making and reasoning of network anomalies and activity. However, a poor user interface combined with the massive amount of data could obfuscate important network details. As a result, administrators may fail to detect and identify malicious network behavior in a timely manner. 3D visualizations address this challenge by introducing monocular and binocular visual cues to portray depth and to increase the perceived viewing area. In this work, we explore these cues for 3D network security applications, with a particular emphasis on binocular disparity or stereoscopic 3D. Currently, no network security tool takes advantage of the enhanced depth perception provided by stereoscopic 3D technologies for vulnerability assessment. Compared to traditional 3D systems, stereoscopic 3D helps improve the perception of depth, which can, in turn reduce the number of errors and increase response times of network administrators. Thus, we introduce a stereoscopic 3D visual Framework for Rendering Enhanced 3D Stereoscopic Visualizations for Network Security (FRE3DS). Our novel framework uses state-of-the art 3D graphics rendering to assist in 3D visualizations for network security applications. Moreover, utilizing our framework, we propose a new 3D Stereoscopic Vulnerability Assessment Tool (3DSVAT). We illustrate the use of 3DSVAT to assist in rapid detection and correlation of attack vulnerabilities in a subset of a modified local area network data set using the enhanced perception of depth in a stereoscopic 3D environment.
Citations: 8413
h-index: 44
i10-index: 107
