VizAttack: An extensible open-source visualization framework for cyberattacks

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

Visualization of cyberattacks is gaining popularity as an intuitive technique to present attack data without overwhelming the average user. However, a security analyst needs to be presented with advanced features that allow the correlation of the collected data in order to yield interesting findings about the attack methodology itself and to utilize the newly acquired knowledge to improve the security processes of an administrative domain. Meaningful cyber security situational awareness leverages security management, as it provides the global security state of the administrative domain that allows for informed decision-making on security matters. This chapter presents VizAttack, an extensible, open-source visualization framework for data generated by various security technologies. Not only does it integrate and visualize data from heterogeneous security data sources in a single framework, but it also reconstructs the steps followed during an attack execution. Furthermore, VizAttack supports on-demand queries that are constructed on the fly during the investigation of these attack profiles.

Original language: English
Title of host publication: Advances in Cybersecurity Management
Publisher: Springer International Publishing
Pages: 75-95
Number of pages: 21
ISBN (Electronic): 9783030713812
ISBN (Print): 9783030713805
Publication status: Published - 15 Jun 2021

Keywords

  • Attack map
  • Attack profiling
  • Attack steps
  • Attack visualization
  • Cyber threats
  • Honeypot
  • Log files
  • On-demand queries
  • Parser
  • Security management
