Data Visualization of Graph-Based Threat Detection System
Date
2021-08-28
Authors
Nikseresht, Ilnaz
Abstract
The Activity and Event Network Model (AEN) is a new security knowledge graph that leverages large dynamic uncertain graph theory to capture and analyze stealthy and long-term attack patterns. Because the graph is expected to become extremely large over time, it can be very challenging for security analysts to navigate it and identify meaningful information. This report presents different visualization layers deployed to improve the graph model’s presentation. The main goal is to build an enhanced visualization system that can more simply and effectively overlay different visualization layers, namely the edge/node type, node property, node age, node’s probability of being compromised, and threat horizon layers. With the help of the developed layers, network security analysts can identify suspicious network security events and activities as soon as possible.
Keywords
Graph-Based Threat Detection System, AEN Graph, data visualization in security, data visualization