CORGI: Combination, Organization and Reconstruction through Graphical Interactions - Archive ouverte HAL Access content directly
Conference Papers Year :

CORGI: Combination, Organization and Reconstruction through Graphical Interactions

(1) , (1) , (1) , (2)
1
2

Abstract

In this article, we present CORGI, a security-oriented log visualization tool that allows security experts to visually explore and link numerous types of log files through relevant representations and global filtering. The analyst can mark values as values of interest and then use these values to pursue the exploration in other log files, allowing him to better understand events and reconstruct attack scenarios. We present the user interface and interactions that ensure these capabilities and provide two use cases based on challenges from VAST and from the Honeynet project.
Fichier principal
Vignette du fichier
humphries2014corgi.pdf (270.74 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01096331 , version 1 (17-12-2014)

Identifiers

Cite

Christopher Humphries, Nicolas Prigent, Christophe Bidan, Frédéric Majorczyk. CORGI: Combination, Organization and Reconstruction through Graphical Interactions. VizSec, Nov 2014, Paris, France. ⟨10.1145/2671491.2671494⟩. ⟨hal-01096331⟩
480 View
379 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More