Big data and security visualization
Funding:

Supported by the National Natural Science Foundation of China (61472054) and the Fundamental Research Funds for the Central Universities (106112014CDJZR098801).

    Abstract:

    The rapid development of IT has opened an unprecedented age of big data. Massive amounts of data bring more value, but security problems of all kinds follow. Data visualization techniques can help identify possible security threats in a system comprehensively and in a timely manner, evaluate system security, and ensure the security of infrastructure. Taking a data perspective, this paper first classifies security data according to the characteristics of big data, then summarizes the existing tools and techniques for visualizing each type of security data, so that mature security data visualization techniques can be applied to research on big data security, and finally outlines guidelines and directions for future studies.

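Cite this article

XIANG Hong (向宏), ZHANG Yu (张瑜), HU Haibo (胡海波). Big data and security visualization[J]. Journal of Chongqing University, 2016, 39(2): 71-81.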

History
  • Received: 2015-09-12
  • Published online: 2016-05-16