Volume 7 - Issue 1
Technique of Data Visualization: Example of Network Topology Display for Security Monitoring
- Maxim Kolomeec
Laboratory of Computer Security Problems St. Petersburg Institute for Informatics and Automation (SPIIRAS) 39, 14 Liniya, St. Petersburg, Russia
kolomeec@comsec.spb.ru
- Andrey Chechulin
Laboratory of Computer Security Problems St. Petersburg Institute for Informatics and Automation (SPIIRAS) 39, 14 Liniya, St. Petersburg, Russia
chechulin@comsec.spb.ru
- Anton Pronoza
Laboratory of Computer Security Problems St. Petersburg Institute for Informatics and Automation (SPIIRAS) 39, 14 Liniya, St. Petersburg, Russia
pronoza@comsec.spb.ru
- Igor Kotenko
Laboratory of Computer Security Problems St. Petersburg Institute for Informatics and Automation (SPIIRAS) 39, 14 Liniya, St. Petersburg, Russia
ivkote@comsec.spb.ru
Keywords: visualization techniques, formal models, visualization of topology of a computer network, security monitoring, computer network, SIEM, cyber security.
Abstract
The paper presents the results of research devoted to the development of an unified flexible visualization
system for security monitoring of computer networks used in the SIEM systems. The developed
models and technique of visualization are used for selection of methods of data collection, normalization,
preprocessing and representation. The individual components of the proposed visualization
system are described using set-theoretic models. To analyze the operability of the developed models
and methodologies a software prototype of the visualization system is developed and experiments
are conducted.