STARLORD: Linked security data exploration in a 3D graph

Laetitia Leichtnam; Eric Totel; Nicolas Prigent; Ludovic Me

doi:10.1109/VIZSEC.2017.8062203

STARLORD: Linked security data exploration in a 3D graph

Laetitia Leichtnam
, Eric Totel
, Nicolas Prigent
, Ludovic Me

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant security artifacts. We illustrate our approach with two case studies using datasets containing network capture of the wannacry attack.

Original language	English
Title of host publication	2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017
Editors	Celeste Lyn Paul, Simon Walton, Robert Gove, Sophie Engle, Diane Staheli, Lane Harrison, Nicolas Prigent
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1-4
Number of pages	4
ISBN (Electronic)	9781538626931
DOIs	https://doi.org/10.1109/VIZSEC.2017.8062203
Publication status	Published - 6 Oct 2017
Externally published	Yes
Event	14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 - Phoenix, United States Duration: 2 Oct 2017 → …

Publication series

Name	2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017
Volume	2017-October

Conference

Conference	14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017
Country/Territory	United States
City	Phoenix
Period	2/10/17 → …

Keywords

Forensics
Intrusion Detection
Logs Management

Access to Document

10.1109/VIZSEC.2017.8062203

Cite this

Leichtnam, L., Totel, E., Prigent, N., & Me, L. (2017). STARLORD: Linked security data exploration in a 3D graph. In C. L. Paul, S. Walton, R. Gove, S. Engle, D. Staheli, L. Harrison, & N. Prigent (Eds.), 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017 (pp. 1-4). (2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017; Vol. 2017-October). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/VIZSEC.2017.8062203

Leichtnam, Laetitia ; Totel, Eric ; Prigent, Nicolas et al. / STARLORD : Linked security data exploration in a 3D graph. 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017. editor / Celeste Lyn Paul ; Simon Walton ; Robert Gove ; Sophie Engle ; Diane Staheli ; Lane Harrison ; Nicolas Prigent. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 1-4 (2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017).

@inproceedings{9c2d2e97685e46a38242251b5ec3bb94,

title = "STARLORD: Linked security data exploration in a 3D graph",

abstract = "In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant security artifacts. We illustrate our approach with two case studies using datasets containing network capture of the wannacry attack.",

keywords = "Forensics, Intrusion Detection, Logs Management",

author = "Laetitia Leichtnam and Eric Totel and Nicolas Prigent and Ludovic Me",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 ; Conference date: 02-10-2017",

year = "2017",

month = oct,

day = "6",

doi = "10.1109/VIZSEC.2017.8062203",

language = "English",

series = "2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1--4",

editor = "Paul, \{Celeste Lyn\} and Simon Walton and Robert Gove and Sophie Engle and Diane Staheli and Lane Harrison and Nicolas Prigent",

booktitle = "2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017",

}

Leichtnam, L, Totel, E, Prigent, N & Me, L 2017, STARLORD: Linked security data exploration in a 3D graph. in CL Paul, S Walton, R Gove, S Engle, D Staheli, L Harrison & N Prigent (eds), 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017. 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017, vol. 2017-October, Institute of Electrical and Electronics Engineers Inc., pp. 1-4, 14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017, Phoenix, United States, 2/10/17. https://doi.org/10.1109/VIZSEC.2017.8062203

STARLORD: Linked security data exploration in a 3D graph. / Leichtnam, Laetitia; Totel, Eric; Prigent, Nicolas et al.
2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017. ed. / Celeste Lyn Paul; Simon Walton; Robert Gove; Sophie Engle; Diane Staheli; Lane Harrison; Nicolas Prigent. Institute of Electrical and Electronics Engineers Inc., 2017. p. 1-4 (2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017; Vol. 2017-October).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - STARLORD

T2 - 14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017

AU - Leichtnam, Laetitia

AU - Totel, Eric

AU - Prigent, Nicolas

AU - Me, Ludovic

PY - 2017/10/6

Y1 - 2017/10/6

N2 - In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant security artifacts. We illustrate our approach with two case studies using datasets containing network capture of the wannacry attack.

AB - In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant security artifacts. We illustrate our approach with two case studies using datasets containing network capture of the wannacry attack.

KW - Forensics

KW - Intrusion Detection

KW - Logs Management

UR - https://www.scopus.com/pages/publications/85047198984

U2 - 10.1109/VIZSEC.2017.8062203

DO - 10.1109/VIZSEC.2017.8062203

M3 - Conference contribution

AN - SCOPUS:85047198984

T3 - 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017

SP - 1

EP - 4

BT - 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017

A2 - Paul, Celeste Lyn

A2 - Walton, Simon

A2 - Gove, Robert

A2 - Engle, Sophie

A2 - Staheli, Diane

A2 - Harrison, Lane

A2 - Prigent, Nicolas

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 2 October 2017

ER -

Leichtnam L, Totel E, Prigent N, Me L. STARLORD: Linked security data exploration in a 3D graph. In Paul CL, Walton S, Gove R, Engle S, Staheli D, Harrison L, Prigent N, editors, 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 1-4. (2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017). doi: 10.1109/VIZSEC.2017.8062203

STARLORD: Linked security data exploration in a 3D graph

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this