CORGI: Combination, Organization and Reconstruction through Graphical Interactions - Inria - Institut national de recherche en sciences et technologies du numérique
Conference paper, Year: 2014

CORGI: Combination, Organization and Reconstruction through Graphical Interactions

Abstract

In this article, we present CORGI, a security-oriented log visualization tool that allows security experts to visually explore and link numerous types of log files through relevant representations and global filtering. The analyst can mark values as values of interest and then use these values to pursue the exploration in other log files, allowing him to better understand events and reconstruct attack scenarios. We present the user interface and interactions that ensure these capabilities and provide two use cases based on challenges from VAST and from the Honeynet project.

Domains

Computer Science
Main file: humphries2014corgi.pdf (270.74 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-01096331, version 1 (17-12-2014)

Cite

Christopher Humphries, Nicolas Prigent, Christophe Bidan, Frédéric Majorczyk. CORGI: Combination, Organization and Reconstruction through Graphical Interactions. VizSec, Nov 2014, Paris, France. ⟨10.1145/2671491.2671494⟩. ⟨hal-01096331⟩