VizSec 2011 Symposium on Visualization for Cyber Security

Symposium on Visualization for Cyber Security

July 20, 2011
  /   Pittsburgh, PA, USA

In conjunction with SOUPS

The 8th International Symposium on Visualization for Cyber Security was held at Carnegie Mellon University in Pittsburgh, PA, USA on July 20, 2011. VizSec brought together researchers and practitioners from academia, government, and industry to share insights and present solutions to modern cyber security challenges using visualization techniques. Invited speakers were Lorrie Cranor and Simson Garfinkel.

VizSec was held in conjunction with Symposium on Usable Privacy and Security (SOUPS).

The proceedings are in the ACM Digital Library.


Alberto Boschetti, Chris Muelder, Luca Salgareldt and Kwan-Liu Ma
"TVi: A Visual Querying System for Network Monitoring and Anomaly Detection" paper link
Christopher Kintzel, Johannes Fuchs and Florian Mansmann
"Monitoring Large IP Spaces with ClockView" paper link
Ankit Singh, Alex Endert, Lauren Bradel, Christopher Andrews, Chris North and Robert Kincaid
"Supporting the Cyber Analytic Process Using Visual History on Large Displays" slides | paper link
Lakshmanan Nataraj, Karthikeyan Shanmugavadivel, Gregoire Jacob and B.S Manjunath
"Malware Images: Visuadtzation and Automatic Classification" slides | paper link
Chris Horn and Anita D'Amico
"Visual Analysis of Goal-Directed Network Defense Decisions" slides | paper link
Francesco Roveta, Luca Di Mario, Federico Maggi, Giorgio Cavigdta, Stefano Zanero and Paolo Ciuccareldt
"BURN: Baring Unknown Rogue Networks" (Best Paper Award) paper link

Keynote Speaker

Lorrie Cranor, Carnegie Mellon University

Lorrie Faith Cranor is an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University where she is director of the CyLab Usable Privacy and Security Laboratory (CUPS). She is also Chief Scientist of Wombat Security Technologies, Inc. She has authored over 100 research papers on online privacy, usable security, phishing, spam, electronic voting, anonymous publishing, and other topics.

She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O'Reilly 2002). She has served on a number of boards, including the Electronic Frontier Foundation Board of Directors, and on the editorial boards of several journals. In 2003 she was named one of the top 100 innovators 35 or younger by Technology Review magazine. She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University.

Please visit her personal website for more information.

Closing Speaker

Simson Garfinkel, Naval Postgraduate School

Simson L. Garfinkel is an Associate Professor at the Naval Postgraduate School in Monterey, California. His research interests include computer forensics, the emerging field of usability and security, personal information management, privacy, information policy and terrorism. He holds six US patents for his computer-related research and has published dozens of journal and conference papers in security and computer forensics.

Garfinkel is the author or co-author of fourteen books on computing. He is perhaps best known for his book Database Nation: The Death of Privacy in the 21st Century. Garfinkel's most successful book, Practical UNIX and Internet Security (co-authored with Gene Spafford), has sold more than 250,000 copies and been translated into more than a dozen languages since the first edition was published in 1991.

Garfinkel is also a journalist and has written more than a thousand articles about science, technology, and technology policy in the popular press since 1983. He started writing about identity theft in 1988. He has won numerous national journalism awards, including the Jesse H. Neal National Business Journalism Award two years in a row for his "Machine shop" series in CSO magazine. Today he mostly writes for Technology Review Magazine and the website.

As an entrepreneur, Garfinkel founded five companies between 1989 and 2000. Two of the most successful were Vineyard.NET, which provided Internet service on Martha's Vineyard to more than a thousand customers from 1995 through 2005, and Sandstorm Enterprises, an early developer of commercial computer forensic tools.

Garfinkel received three Bachelor of Science degrees from MIT in 1987, a Master's of Science in Journalism from Columbia University in 1988, and a Ph.D. in Computer Science from MIT in 2005.


Weichao Wang, Lane Harrison, Danny Quist, Jonathan Maletic, Robert Erbacher
"Visual Analytics and Automatic Detection Methods"

The International Symposium on Visualization for Cyber Security (VizSec) is a forum that brings together researchers and practitioners from academia, government, and industry to address the needs of the cyber security community through new and insightful visualization techniques. Co-located this year with the Symposium on Usable Privacy and Security (SOUPS), the 8th VizSec will provide new opportunities for the usability and visualization communities to collaborate and share insights on a broad range of security-related topics. Accepted papers will appear in the ACM Digital Library as part of the ACM International Conference Proceedings Series.

Important research problems often lie at the intersection of disparate domains. This year our focus is to explore effective, scalable visual interfaces for security domains, where visualization may provide a distinct benefit, including computer forensics, reverse engineering, insider threat detection, cryptography, privacy, preventing “user assisted†attacks, compliance management, wireless security, secure coding, and penetration testing in addition to traditional network security. Human time and attention are precious resources. We are particularly interested in visualization and interaction techniques that effectively capture human analyst insights so that further processing may be handled by machines, freeing the analyst for other tasks. For example, a malware analyst might use a visualization system to analyze a new piece of malicious software and then facilitate generating a signature for future machine processing. When appropriate, research that incorporates multiple data sources, such as network packet captures, firewall rulesets and logs, DNS logs, web server logs, and/or intrusion detection system logs, is particularly desirable.

Technical Papers

Full paper and panel abstracts offering novel contributions in security visualization are solicited. Papers may present technique, applications, practical experience, theory, or experiments and evaluations. Papers are encouraged on technologies and methods that have been demonstrated to be useful for improving information systems security and that address lessons from actual application. We encourage papers that report results on visualization techniques and systems in solving all aspects of cyber security problems, including how visualization applies to:


Accepted papers will appear in the ACM Digital Library. The program committee will select an accepted paper to receive the VizSec 2011 Best Paper award. A key element of the best paper selection process will be whether the results are believed to be repeatable by other scientists based on the algorithms and data provided in the paper.

General Chair
Greg Conti, US Military Academy at West Point
Program Chair
Tamara Yu, MIT Lincoln Laboratory
Publications Chair
Marc Abbott, US Military Academy at West Point
Publicity Chair
Anita D'Amico, Secure Decisions
Emeritus Chair
John Gerth, Stanford University

Program Committee