Data Visualization of Graph-Based Threat Detection System

Date

2021-08-28

Authors

Nikseresht, Ilnaz

Abstract

The Activity and Event Network Model (AEN) is a new security knowledge graph that leverages large dynamic uncertain graph theory to capture and analyze stealthy and long-term attack patterns. Because the graph is expected to become extremely large over time, it can be very challenging for security analysts to navigate it and identify meaningful information. This report presents different visualization layers deployed to improve the graph model’s presentation. The main goal is to build an enhanced visualization system that can overlay different visualization layers more simply and effectively, namely the edge/node type, node property, node age, node’s probability of being compromised, and threat horizon layers. With the help of these layers, network security analysts can identify suspicious network security events and activities as soon as possible.

Keywords

Graph-Based Threat Detection System, AEN Graph, data visualization in security, data visualization
