VAST 2012 Mini-Challenge 2: Chart- and Matrix-based approach to network operations forensics

Visual Analytics Science and Technology (2012)

Abstract
We report our approach and results for the VAST 2012 Mini-Challenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL, as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in the firewall connections, an attempted exchange of sensitive information and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.
Keywords
Denial-of-Service attack, bank network, firewall connection, Money Regional Office Network, Operations Forensics, commercial data mining, custom-written source, database software, sensitive information exchange, suspicious IRC traffic, Matrix-based approach, network operations forensics