Stories from December 2nd, 2011

“Attack Visualization” Honeynet Project Forensic Challenge #10

SecViz has the details on a new visualization contest that attempts to bring graphical order to the typical chaos of network traces, following a reference dataset of internet attacks against a host.

The Challenge:

Design and build a visualization that describes the attacks that were analyzed in FC5. Use the three prize winners’ solutions as references and to give you a head start on the data analysis. Use the FC5 dataset to create your FC10 visualization.

As an example, the visualization may have a geographic element, represented as a map, link graphs, histogram, or parallel coordinates, that sheds light on the following:

  • Where the attacks came from
  • The volumes of attacks originating from various locations
  • The success or failure of these attacks
  • The nature of the attacks. For example which are “primary” and which are the “secondary” phases.
  • Can the attacks be color coded to describe groups of attacks/attackers?
  • Use external data sources such as the many freely available geomapping databases.

The output can be anything that you like – from a still image, to interactive flash/java, dynamically updating, dashboard style, magazine infographic, holograms are also accepted.

via “Attack Visualization” Honeynet Project Forensic Challenge #10. Entries close December 18 | SecViz.

Stories from August 18th, 2010

Log Visualization in the Cloud

Raffael Marty of SecViz.org is hosting a talk tomorrow (Aug 19th) at 5pm on uses of Data Visualization in solving security and IT problems.

Over the past years, organizations have collected more and more data and log files within their networks, systems, and cloud environments. Oftentimes, the data ends up being stored and archived without ever being used. This can be attributed to a lack of tools that help process and analyze all the data, but also to the lack of knowledge around data analysis. In this presentation we will explore how we can leverage visualization to uncover hidden problems. We will discuss some common visualization libraries and have a look at how they can be deployed to solve security and IT problems. We will look at a number of visualization examples that show how security data benefits from visual representations. For example, how can network traffic, firewall data, or IDS data be visualized effectively?

You’ll have to register for a BrightTalk account, but looks like a good 45-minute talk to attend.

via Log Visualization in the Cloud | brighttalk.com.

Stories from August 6th, 2010

Data Visualization For Faster, More Effective Pen Testing

At the recent Defcon conference, Chris Sumner gave a presentation called “Social Networking Special Ops: Extending Data Visualization Tools for Faster Pwnage” where he showed how you can use tools like Maltego, Processing, and DAVIX to parse information from social networks like friend relationships and status updates into useful information.  One particularly impressive example was in chasing a 419 Scammer through Facebook Updates.

Chris then detailed some of his research into a 419 Nigerian scam through which a friend of his had lost a laptop. He was able to gather information through Facebook by friending users who were located in Nigeria. His research revealed numerous brazen scammers who were flaunting their activities on Facebook. In fact, he got pretty far with identifying individuals involved in the scam until it became apparent that going all the way could be dangerous. As the slide said in his presentation: “Health Warning: Messing With Criminals Can Reduce Your Life Expectancy.”

You can view his massive 224-slide presentation (PDF, Google Viewer) and Whitepaper (PDF, Google Viewer) at his site.

via Data Visualization For Faster, More Effective Pen Testing – Evil Bytes Blog – Dark Reading.

Stories from February 19th, 2010

Infographic: Is your password secure?


CXO magazine published an article recently which asked the question “Are you password protected?”. In other words, how strong is your password?

The only problem with this infographic is that it lists a password as unbreakable. There are no passwords that are unbreakable. To test it out, I took their password (g01111001110011101100e) and entered it into Google Mail’s password strength meter. Google returned a value of strong. That makes me wonder where they had the idea that this password was unbreakable.

For the record, it turns out all of my passwords are considered strong by Google. To get a better feel for the strength of my passwords, I turned to The Password Meter. The unbreakable password above registered as very weak. All of my passwords registered as very strong, with the exception of my Amazon account, which I knew was weak. It looks like I need to come up with a new password. (Which I just did. The new Amazon password is now rated as very strong.) Another site to check your password strength is Microsoft. The unbreakable password there is rated as medium, while mine are rated as strong (but not the best).

via : Are you password protected?

Stories from July 10th, 2009

Visualizations of the recent DDOS Traffic

The recent government DDoS, suspected of originating from Korea, has been hot news lately, but the vague sensationalist comments appearing in the media make it difficult to know the actual scale of the problem. ShadowServer aims to correct this by providing up-to-date visualizations of botnets and DDoS attacks through simple graphs that track historical activity over daily, monthly, and annual periods. Shown above is the most recent chart of the weekly DDoS activity, with the huge spike on Thursday. Many more charts are available on their site.

ShadowServer DDOS Charts via Security Fix – Washington Post, White House, FAA, DoD, Others, Targeted in Online Attack.

Stories from July 6th, 2009

Visualization in Network Security

One of the best resources for innovations in the field of visualization for network security is the Annual VizSec Workshop. This year the VizSec Workshop will be held in Atlantic City, NJ along with the Visualization conference and the InfoVis conference. Click here for more details about the workshop – VizSec 2009.

Before I discuss some innovative visualizations for network security, let me point out that there are two excellent books written by experts in visualization for network security. Here they are:

Security Data Visualization: Graphical Techniques for Network Analysis by Greg Conti

Security Data Visualization is a well-researched and richly illustrated introduction to the field. Greg Conti, creator of the network and security visualization tool RUMINT, shows you how to graph and display network data using a variety of tools so that you can understand complex datasets at a glance. And once you’ve seen what a network attack looks like, you’ll have a better understanding of its low-level behavior–like how vulnerabilities are exploited and how worms and viruses propagate.

Applied Security Visualization by Raffy Marty (who has a security visualization blog at http://secviz.org).

In Applied Security Visualization, leading network security visualization expert Raffael Marty introduces all the concepts, techniques, and tools you need to use visualization on your network. You’ll learn how to identify and utilize the right data sources, then transform your data into visuals that reveal what you really need to know. Next, Marty shows how to use visualization to perform broad network security analyses, assess specific threats, and even improve business compliance.

Read after the break for some other excellent sources of innovations in the network security visualization field:

Stories from February 14th, 2009

Visual Computer Forensic Analysis

A pair of researchers at the US Military Academy, West Point, have adapted visualization techniques to computer forensics tools to create a powerful way of mining data from systems.  Their results make use of the structure of data to attempt to automatically classify the type of data and can, in some cases, automatically decode and display it.

It is also important to note the way in which the visual computer forensic tools written by Conti and Dean present the data to the examiner. They place more data in front of the examiner in a smaller amount of screen space. With some plots, Conti and Dean suggest that there are 300 to 900 times more examiner-viewable data on the screen at any one time when compared with standard text or hexadecimal viewers. When combined with the fact that the examiner views the data represented by pixels, the review speed of some file types dramatically increases. In short, visual forensic tools can save an examiner a significant amount of analysis time.

They presented this work at the Blackhat 2008 conference in Las Vegas, NV, and the software is available for download at their website.

via Legal Technology – Visual Computer Forensic Analysis.


VizWorld.com is a production of VizWorld, LLC © 2009