
User-centred security event visualisation

Christopher Humphries 1, 2, 3
3 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Managing the vast quantities of data generated in the context of information system security becomes more difficult every day. Visualisation tools are a solution to help face this challenge. They represent large quantities of data in a synthetic and often aesthetic way to help understand and manipulate them. In this document, we first present a classification of security visualisation tools according to their objectives. These can be one of three: monitoring (following events in real time to identify attacks as early as possible), analysis (the a posteriori exploration and manipulation of a large quantity of data to discover important events) or reporting (the a posteriori representation of known information in a clear and synthetic fashion to help communication and transmission). We then present ELVis, a tool capable of representing security events from various sources coherently. ELVis automatically proposes appropriate representations according to the type of information (time, IP address, port, data volume, etc.). In addition, ELVis can be extended to accept new sources of data. Lastly, we present CORGI, a successor to ELVis which allows the simultaneous manipulation of multiple sources of data to correlate them. With the help of CORGI, it is possible to filter security events from a data source by multiple criteria, which facilitates following events on the information systems currently being analysed.
Document type :
Theses

https://hal.inria.fr/tel-01242084
Contributor : Abes Star
Submitted on : Friday, March 25, 2016 - 4:44:00 PM
Last modification on : Friday, July 10, 2020 - 4:01:15 PM
Long-term archiving on : Sunday, June 26, 2016 - 3:17:38 PM

File

HUMPHRIES_Christopher.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01242084, version 2

Citation

Christopher Humphries. User-centred security event visualisation. Cryptography and Security [cs.CR]. Université Rennes 1, 2015. English. ⟨NNT : 2015REN1S086⟩. ⟨tel-01242084v2⟩

Metrics

  • Record views : 471
  • Files downloads : 606