
VAST 2012 Mini-Challenge 2: Chart- and Matrix-based approach to network operations forensics

Authors :
Florian Mansmann
Tobias Schreck
Prakash Thapa
Enrico Bertini
Christian Rohrdantz
Jan Hildenbrand
Daniel-Ionut Paval
Source :
IEEE VAST
Publication Year :
2012
Publisher :
IEEE, 2012.

Abstract

We report our approach and results for the VAST 2012 Mini-Challenge 2: Bank of Money Regional Office Network Operations Forensics. Using commercial data mining, visualization and database software such as KNIME, Tableau and MySQL, as well as a custom-written source vs. destination IP pixel matrix, our team of students identified suspicious IRC traffic, an attack on the firewall, a drop in firewall connections, an attempted exchange of sensitive information and a possible Distributed Denial-of-Service attack executed partly from a host within the bank network.

Details

Database :
OpenAIRE
Journal :
2012 IEEE Conference on Visual Analytics Science and Technology (VAST)
Accession number :
edsair.doi...........096c6ced83234895faaed2cb7b0d3a17
Full Text :
https://doi.org/10.1109/vast.2012.6400513