CORGI: Combination, Organization and Reconstruction through Graphical Interactions

Abstract: In this article, we present CORGI, a security-oriented log visualization tool that allows security experts to visually explore and link numerous types of log files through relevant representations and global filtering. The analyst can mark values as values of interest and then use these values to pursue the exploration in other log files, allowing him to better understand events and reconstruct attack scenarios. We present the user interface and interactions that ensure these capabilities and provide two use cases based on challenges from VAST and from the Honeynet project.
Document type:
Conference paper
VizSec, Nov 2014, Paris, France. 〈10.1145/2671491.2671494〉

Cited literature [25 references]

https://hal.inria.fr/hal-01096331
Contributor: Christopher Humphries
Submitted on: Wednesday, 17 December 2014 - 11:41:31
Last modified on: Tuesday, 16 January 2018 - 15:54:19
Document(s) archived on: Monday, 23 March 2015 - 14:56:28

File

humphries2014corgi.pdf
Files produced by the author(s)

Citation

Christopher Humphries, Nicolas Prigent, Christophe Bidan, Frédéric Majorczyk. CORGI: Combination, Organization and Reconstruction through Graphical Interactions. VizSec, Nov 2014, Paris, France. 〈10.1145/2671491.2671494〉. 〈hal-01096331〉

Metrics

Record views

946

File downloads

386