VizSec 2008 Symposium on Visualization for Cyber Security

Symposium on Visualization for Cyber Security

September 15, 2008
  /   Cambridge, MA USA

In conjunction with RAID

The 5th International Workshop on Visualization for Cyber Security was held in Cambridge, MA USA on September 15, 2008. VizSec brought together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques. The keynote speaker was Ben Shneiderman.

VizSec was held in conjunction with the 11th International Symposium on Recent Advances in Intrusion Detection (RAID).

The proceedings are in Springer Online and Springer Link.

Papers

Gregory Conti, Erik Dean, Matthew Sinda and Benjamin Sangster
"Visual Reverse Engineering of Binary and Data Files" slides | paper link
Alexander Heitzmann, Bernardo Palazzi, Charalampos Papamanthou and Roberto Tamassia
"Effective Visualization of File System Access-Control" slides | paper link
Ying Xia, Kevin Fairbanks and Henry Owen
"Visual Analysis of Program Flow Data with Data Propagation" paper link
Moses Schwartz and L. M. Liebrock
"A Term Distribution Visualization Approach to Digital Forensic String Search" slides | paper link
Leevar Williams, Richard Lippmann and Kyle Ingols
"GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool" slides | paper link
Scott O’Hare, Steven Noel and Kenneth Prole
"A Graph-Theoretic Visualization Approach to Network Risk Analysis" slides | paper link
John Homer, Ashok Varikuti, Xinming Ou and Miles A. McQueen
"Improving Attack Graph Visualization through Data Reduction and Attack Grouping" slides | paper link
T. J. Jankun-Kelly, Josh Franck, David Wilson, Jeffery Carver, David Dampier and J. Edward Swan
"Show Me How You See: Lessons from Studying Computer Forensics Experts for Visualization" slides | paper link
Xiaoyuan Suo, Ying Zhu and Scott Owen
"A Task Centered Framework for Computer Security Data Visualization" slides | paper link
James Shearer, Kwan-Liu Ma and Toby Kohlenberg
"BGPeep: An IP-Space Centered View for Internet Routing Data" slides | paper link
Fabian Fischer, Florian Mansmann, Daniel A. Keim, Stephan Pietzko and Marcel Waldvogel
"Large-Scale Network Monitoring for Visual Analysis of Attacks" slides | paper link
Ryan Blue, Cody Dunne, Adam Fuchs, Kyle King and Aaron Schulman
"Visualizing Real-Time Network Resource Usage" slides | paper link
Kenneth Prole, John R. Goodall, Anita D. D’Amico and Jason K. Kopylec
"Wireless Cyber Assets Discovery Visualization" slides | paper link
Pavel Minarik and Tomas Dymacek
"NetFlow Data Visualization Based on Graphs" slides | paper link
Sergey Bratus, Axel Hansen, Fabio Pellacini and Anna Shubina
"Backhoe, a Packet Trace and Log Browser" slides | paper link
Jeff Janies
"Existence Plots: A Low-Resolution Time Series for Port Behavior Analysis" paper link
Shahrulniza Musa and David J. Parish
"Using Time Series 3D AlertGraph and False Alert Classification to Analyse Snort Alerts" slides | paper link
Grant Vandenberghe
"Network Traffic Exploration Application: A Tool to Assess, Visualize, and Analyze Network Security Events" slides | paper link

Posters

Scott Evans, Richard Bejtlich, Stephen Markham, Jeremy Impson and Eric Steinbrecher
Towards Zero-Day Attack Detection through Intelligent Icon Visualization of MDL Model Proximity
Glenn Fink, Jereme Haack, Wendy Maiden and Errin Fulp
Cooperative Infrastructure Defense

Demos

Dean Pierce
Seeds of Contempt
Raffael Marty and Jan Monsch
Davix
Kenneth Prole
MeerCAT
Alexander Heitzmann and Bernardo Palazzi
TrACE: A Tool for Effective Visualization of File System Access-Control

Keynote Speaker

Ben Shneiderman, University of Maryland at College Park

Information Forensics: Harnessing visualization to support discovery

Ben Shneiderman is a Professor in the Department of Computer Science, Founding Director (1983-2000) of the Human-Computer Interaction Laboratory, and Member of the Institute for Advanced Computer Studies at the University of Maryland at College Park. He was made a Fellow of the ACM in 1997, elected a Fellow of the American Association for the Advancement of Science in 2001, and received the ACM CHI (Computer Human Interaction) Lifetime Achievement Award in 2001.

Since 1991 his major focus has been information visualization, beginning with his dynamic queries and starfield display research that led to the development of Spotfire. Dr. Shneiderman developed the treemap concept in 1991 which continues to inspire research and commercial implementations. Two current projects focus on network visualization: Network Visualization by Semantic Substrates and SocialAction.

The 5th International Workshop on Visualization for Cyber Security will provide a forum for new research in visualization for computer security. We are pleased to be holding this year's meeting in conjunction with the 11th International Symposium on Recent Advances in Intrusion Detection. The VizSec Workshop will be held at MIT in Cambridge, Massachusetts USA on Monday, September 15, 2008. The Keynote this year will be given by Ben Shneiderman on the topic Information Forensics: Harnessing visualization to support discovery.

As a result of previous VizSec workshops, we have seen both the application of existing visualization techniques to security problems and the development of novel security visualization approaches. However, VizSec research has focused on helping human analysts to detect anomalies and patterns, particularly in computer network defense. Other communities, led by researchers from the RAID Symposia, have researched automated methods for detecting anomalies and malicious activity.

The theme for this year's workshop, which will be held in conjunction with RAID 2008, will be on bridging the gap between visualization and automation, such as leveraging the power of visualization to create rules for intrusion detection and defense systems. We encourage VizSec participants to stay for the RAID Symposium and RAID participants to come a day early to participate in VizSec. There will be a discount for joint registration.

Technical Papers

We also solicit papers that report results on visualization techniques and systems in solving all aspects of cyber security problems, including:

All submitted papers will be peer-reviewed. Full and short papers will be published by Springer Lecture Notes in Computer Science (LNCS) in the VizSec 2008 Proceedings. Poster and Demo abstracts will be made available on the VizSec web site.

General Chair
John Goodall, Secure Decisions division of Applied Visions Inc.
Program Co-Chairs
Gregory Conti, United States Military Academy
Kwan-Liu Ma, University of California at Davis
Local Chair
Robert K. Cunningham, Lincoln Laboratory

Program Committee