Abstract
The growing impact of issues in web security has led researchers to conduct large-scale measurements aimed at analyzing and understanding web-related ecosystems. Comprehensive solutions for data collection on a large set of websites have been developed, but analysis practices remain ad hoc, requiring additional efforts and slowing down investigations. A promising approach to data analysis is visual analytics, where interactive visualizations are used to speed up data exploration. However, this approach has not yet been applied to web security, and creating such a solution requires addressing domain-specific challenges.
In this paper, we show how visual analytics can help in analyzing the data from web security studies. We present a case study of leveraging an interactive visualization tool to replicate a security study, and evaluate a prototype tool implementing visual analytics techniques designed for web security. We conclude that such a tool would provide a solution that allows researchers to more effectively study web security issues.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Amann, J., Gasser, O., Scheitle, Q., Brent, L., Carle, G., Holz, R.: Mission accomplished?: HTTPS security after DigiNotar. In: Proceedings of the IMC, pp. 325–340 (2017)
Cangialosi, F., Chung, T., Choffnes, D., Levin, D., Maggs, B.M., Mislove, A., Wilson, C.: Measurement and analysis of private key sharing in the HTTPS ecosystem. In: Proceedings of the CCS, pp. 628–640 (2016)
Card, S.K., Moran, T.P., Newell, A.: The Psychology of Human-Computer Interaction. Lawrence Erlbaum Associates, Mahwah (1983)
Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A.: A search engine backed by internet-wide scanning. In: Proceedings of the CCS, pp. 542–553 (2015)
Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the CCS, pp. 1388–1401 (2016)
Fink, G.A., North, C.L., Endert, A., Rose, S.: Visualizing cyber security: usable workspaces. In: Proceedings of the VizSec, pp. 45–56 (2009)
Goodall, J.R.: Visualization is better! A comparative evaluation. In: Proceedings of the VizSec, pp. 57–68. IEEE (2009)
Harger, J.R., Crossno, P.J.: Comparison of open-source visual analytics toolkits. In: Proceedings of the VDA. SPIE (2012)
Irwin, B., Pilkington, N.: High level Internet scale traffic visualization using Hilbert curve mapping. In: Goodall, J.R., Conti, G., Ma, K.L. (eds.) VizSEC 2007. Mathematics and Visualization, pp. 147–158. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78243-8_10
Keim, D.A.: Visual exploration of large data sets. Commun. ACM 44(8), 38–44 (2001)
Le Pochat, V., Van Goethem, T., Joosen, W.: Towards visual analytics for web security data. In: Proceedings of the PAM (Posters) (2018). Extended abstract. https://lirias.kuleuven.be/handle/123456789/618030
Liu, Z., Heer, J.: The effects of interactive latency on exploratory visual analysis. IEEE Trans. Vis. Comput. Graph. 20(12), 2122–2131 (2014)
Nguyen, V., Deeds-Rubin, S., Tan, T., Boehm, B.: A SLOC counting standard. In: Proceedings of the COCOMO. USC CSSE (2007). http://csse.usc.edu/TECHRPTS/2007/usc-csse-2007-737/usc-csse-2007-737.pdf
Shiravi, H., Shiravi, A., Ghorbani, A.A.: A survey of visualization systems for network security. IEEE Trans. Vis. Comput. Graph. 18(8), 1313–1329 (2012)
Shneiderman, B.: The eyes have it: a task by data type taxonomy for information visualizations. In: Proceedings of the VL, pp. 336–343 (1996)
Thomas, J.J., Cook, K.A. (eds.): Illuminating the Path: The Research and Development Agenda for Visual Analytics. IEEE Computer Society Press, Washington (2005)
Tufte, E.R.: The Visual Display of Quantitative Information. Graphics Press, Cheshire (1983)
Vissers, T., Joosen, W., Nikiforakis, N.: Parking sensors: analyzing and detecting parked domains. In: Proceedings of the NDSS. Internet Society (2015)
Vissers, T., Van Goethem, T., Joosen, W., Nikiforakis, N.: Maneuvering around clouds: bypassing cloud-based security providers. In: Proceedings of the CCS, pp. 1530–1541 (2015)
Wagner, M., Fischer, F., Luh, R., Haberson, A., Rind, A., Keim, D.A., Aigner, W.: A survey of visualization systems for malware analysis. In: Proceedings of the EuroVis - STARs, pp. 105–125. Eurographics Assoc. (2015)
Ward, M.O.: Linking and brushing. In: Liu, L., Özsu, M.T. (eds.) Encyclopedia of Database Systems, pp. 1623–1626. Springer, Heidelberg (2009). https://doi.org/10.1007/978-0-387-39940-9_1129
Zhang, L., Stoffel, A., Behrisch, M., Mittelstadt, S., Schreck, T., Pompl, R., Weber, S., Last, H., Keim, D.A.: Visual analytics for the big data era - a comparative review of state-of-the-art commercial systems. In: Proceedings of the VAST, pp. 173–182 (2012)
Acknowledgments
This research is partially funded by the Research Fund KU Leuven.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Le Pochat, V., Van Goethem, T., Joosen, W. (2018). Idea: Visual Analytics for Web Security. In: Payer, M., Rashid, A., Such, J. (eds) Engineering Secure Software and Systems. ESSoS 2018. Lecture Notes in Computer Science(), vol 10953. Springer, Cham. https://doi.org/10.1007/978-3-319-94496-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-94496-8_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94495-1
Online ISBN: 978-3-319-94496-8
eBook Packages: Computer ScienceComputer Science (R0)