Theses

User-centred security event visualisation

Christopher Humphries 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Managing the vast quantities of data generated in the context of information system security becomes more difficult every day. Visualisation tools are a solution to help face this challenge. They represent large quantities of data in a synthetic and often aesthetic way to help understand and manipulate them. In this document, we first present a classification of security visualisation tools according to their objectives. These can be one of three: monitoring (following events in real time to identify attacks as early as possible), analysis (the a posteriori exploration and manipulation of a large quantity of data to discover important events) or reporting (the a posteriori representation of known information in a clear and synthetic fashion to help communication and transmission). We then present ELVis, a tool capable of representing security events from various sources coherently. ELVis automatically proposes appropriate representations according to the type of information (time, IP address, port, data volume, etc.). In addition, ELVis can be extended to accept new sources of data. Lastly, we present CORGI, a successor to ELVis which allows the simultaneous manipulation of multiple sources of data to correlate them. With the help of CORGI, it is possible to filter security events from a data source by multiple criteria, which facilitates following events on the currently analysed information systems.

https://hal.inria.fr/tel-01242084
Contributor : Guillaume Piolle
Submitted on : Friday, December 11, 2015 - 2:11:18 PM
Last modification on : Thursday, November 15, 2018 - 11:57:50 AM
Long-term archiving on : Saturday, March 12, 2016 - 1:52:12 PM

File

Humphries_Christopher.pdf
Abstract, pending the final version

Licence


Copyright

Identifiers

  • HAL Id : tel-01242084, version 1

Citation

Christopher Humphries. User-centred security event visualisation. Cryptography and Security [cs.CR]. Université de Rennes 1, 2015. English. ⟨tel-01242084v1⟩
