
User-centred security event visualisation

Christopher Humphries 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
IRISA-D1 - SYSTÈMES LARGE ÉCHELLE, Inria Rennes – Bretagne Atlantique, CentraleSupélec
Abstract : Managing the vast quantities of data generated in the context of information system security becomes more difficult every day. Visualisation tools are a solution to help face this challenge. They represent large quantities of data in a synthetic and often aesthetic way to help understand and manipulate them. In this document, we first present a classification of security visualisation tools according to their objectives. These can be one of three: monitoring (following events in real time to identify attacks as early as possible), analysis (the a posteriori exploration and manipulation of a large quantity of data to discover important events) or reporting (the a posteriori representation of known information in a clear and synthetic fashion to help communication and transmission). We then present ELVis, a tool capable of representing security events from various sources coherently. ELVis automatically proposes appropriate representations according to the type of information (time, IP address, port, data volume, etc.). In addition, ELVis can be extended to accept new sources of data. Lastly, we present CORGI, a successor to ELVis which allows the simultaneous manipulation of multiple sources of data to correlate them. With the help of CORGI, it is possible to filter security events from a data source by multiple criteria, which facilitates following events on the information systems currently being analysed.

Contributor : Guillaume Piolle
Submitted on : Friday, December 11, 2015 - 2:11:18 PM
Last modification on : Tuesday, October 19, 2021 - 11:58:56 PM
Long-term archiving on : Saturday, March 12, 2016 - 1:52:12 PM


Abstract, pending the final version




  • HAL Id : tel-01242084, version 1


Christopher Humphries. User-centred security event visualisation. Cryptography and Security [cs.CR]. Université de Rennes 1, 2015. English. ⟨tel-01242084v1⟩


