Cylindrical Coordinates Security Visualization for multiple domain command and control botnet detection
- Authors
- Seo, Ilju; Lee, Heejo; Han, Seung Chul
- Issue Date
- October 2014
- Publisher
- ELSEVIER ADVANCED TECHNOLOGY
- Keywords
- Security visualization; Botnet detection; DNS traffic; Human cognition; Graph isomorphism; Visual signature
- Citation
- COMPUTERS & SECURITY, v.46, pp.141 - 153
- Indexed
- SCIE; SCOPUS
- Journal Title
- COMPUTERS & SECURITY
- Volume
- 46
- Start Page
- 141
- End Page
- 153
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/97165
- DOI
- 10.1016/j.cose.2014.07.007
- ISSN
- 0167-4048
- Abstract
- The botnets are one of the most dangerous species of network-based attack. They cause severe network disruptions through massive coordinated attacks nowadays and the results of this disruption frequently cost enterprises large sums in financial losses. In this paper, we make an in-depth investigation on the issue of botnet detection and present a new security visualization tool for visualizing botnet behaviors on DNS traffic. The core mechanism is developed with the objective of enabling users to recognize security threats promptly and mitigate the damages by only visualizing DNS traffic in cylindrical coordinates. We compare our visualization method with existing ones and the experimental results show that ours has greater perceptual efficiency. The ideas and results of this study will contribute toward designing an advanced visualization technique that offers better security. Also, the approach proposed in this study can be utilized to derive new and valuable insights in security aspects from the complex correlations of Big Data. (C) 2014 Elsevier Ltd. All rights reserved.
- Appears in Collections
- Graduate School > Department of Computer Science and Engineering > 1. Journal Articles