Abstract
With the number of devices connected to the internet growing rapidly and software systems being increasingly deployed on the web, security and privacy have become crucial properties for networks and applications. Due the complexity and subtlety of cryptographic methods and protocols, software architects and developers often fail to incorporate security principles in their designs and implementations. Also, most users have minimal understanding of security threats. While several tools for developers, system administrators and security analysts are available, these tools typically provide information in the form of textual logs or tables, which are cumbersome to analyze. Thus, in recent years, the field of security visualization has emerged to provide novel ways to display security-related information so that it is easier to understand. In this work, we give a preliminary survey of approaches to the visualization of computer security concepts that use graph drawing techniques.
This work has been presented at the 2008 Symposium on Graph Drawing in a invited talk dedicated to the memory of Paris C. Kanellakis, a prominent computer scientist and Brown faculty member who died with his family in an airplane crash in December 1995. His unbounded energy and outstanding scholarship greatly inspired all those who interacted with him.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Ball, R., Fink, G.A., North, C.: Home-centric visualization of network traffic for security administration. In: Proc. Workshop on Visualization and Data Mining for Computer Security (VIZSEC/DMSEC), pp. 55–64 (2004)
Barghouti, N.S., Mocenigo, J., Lee, W.: Grappa: A GRAPh PAckage in Java. In: DiBattista, G. (ed.) GD 1997. LNCS, vol. 1353, pp. 336–343. Springer, Heidelberg (1997)
Chalmers, M.: A linear iteration time layout algorithm for visualising high-dimensional data. In: Proc. Conference on Visualization (VIS), pp. 127–132 (1996)
Conti, G.: Security Data Visualization. No Starch Press, San Francisco (2007), http://www.rumint.org
Di Battista, G., Mariani, F., Patrignani, M., Pizzonia, M.: Bgplay: A system for visualizing the interdomain routing evolution. In: Liotta, G. (ed.) GD 2003. LNCS, vol. 1353, pp. 295–306. Springer, Heidelberg (2003)
Eades, P.: A heuristic for graph drawing. Congr. Numer. 42, 149–160 (1984)
Ellson, J., Gansner, E.R., Koutsofios, L., North, S.C., Woodhull, G.: Graphviz and dynagraph - static and dynamic graph drawing tools. In: Graph Drawing Software, pp. 127–148. Springer, Heidelberg (2003)
Fruchterman, T., Reingold, E.: Graph drawing by force-directed placement. Softw. – Pract. Exp. 21(11), 1129–1164 (1991)
Girardin, L., Brodbeck, D.: A visual approach for monitoring logs. In: Proc. of USENIX Conference on System Administration (LISA), pp. 299–308 (1998)
Heitzmann, A., Palazzi, B., Papamanthou, C., Tamassia, R.: Effective visualization of file system access-control. In: Goodall, J.R., Conti, G., Ma, K.-L. (eds.) VizSec 2008. LNCS, vol. 5210, pp. 18–25. Springer, Heidelberg (2008)
Johnson, B., Shneiderman, B.: Tree maps: A space-filling approach to the visualization of hierarchical information structures. In: Proc. Conference on Visualization (VIS), pp. 284–291 (1991)
Mansmann, F., Meier, L., Keim, D.: Graph-based monitoring of host behavior for network security. In: Proc. Visualization for Cyper Security (VIZSEC), pp. 187–202 (2007)
Montemayor, J., Freeman, A., Gersh, J., Llanso, T., Patrone, D.: Information visualization for rule-based resource access control. In: Proc. of Int. Symposium on Usable Privacy and Security (SOUPS) (2006)
Muelder, C., Ma, K.L., Bartoletti, T.: A visualization methodology for characterization of network scans. In: Proc. Visualization for Cyber Security (VIZSEC) (2005)
Noack, A.: An energy model for visual graph clustering. In: Liotta, G. (ed.) GD 2003. LNCS, vol. 1353, pp. 425–436. Springer, Heidelberg (2003)
Noel, S., Jacobs, M., Kalapa, P., Jajodia, S.: Multiple coordinated views for network attack graphs. In: Proc.Visualization for Cyber Security (VIZSEC), pp. 99–106 (2005)
Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Proc. Workshop on Visualization and Data Mining for Computer Security (VIZSEC/DMSEC), pp. 109–118 (2004)
Oberheide, J., Karir, M., Blazakis, D.: VAST: Visualizing autonomous system topology. In: Proc. Visualization for Cyber Security (VIZSEC), pp. 71–80 (2006)
Teoh, S.T., Ranjan, S., Nucci, A., Chuah, C.N.: BGP Eye: a new visualization tool for real-time detection and analysis of BGP anomalies. In: Proc. Visualization for Cyber Security (VIZSEC), pp. 81–90 (2006)
Toledo, J.: Etherape: a live graphical network monitor tool, http://etherape.sourceforge.net
Tölle, J., Niggermann, O.: Supporting intrusion detection by graph clustering and graph drawing. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907. Springer, Heidelberg (2000)
Winsborough, W.H., Li, N.: Towards practical automated trust negotiation. In: Proc. Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 92–103 (2002)
Yao, D., Shin, M., Tamassia, R., Winsborough, W.H.: Visualization of automated trust negotiation. In: Proc. Visualization for Cyber Security (VIZSEC), pp. 65–74 (2005)
Yin, X., Yurcik, W., Treaster, M., Li, Y., Lakkaraju, K.: VisFlowConnect: Netflow visualizations of link relationships for security situational awareness. In: Proc. Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC), pp. 26–34 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tamassia, R., Palazzi, B., Papamanthou, C. (2009). Graph Drawing for Security Visualization. In: Tollis, I.G., Patrignani, M. (eds) Graph Drawing. GD 2008. Lecture Notes in Computer Science, vol 5417. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00219-9_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-00219-9_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00218-2
Online ISBN: 978-3-642-00219-9
eBook Packages: Computer ScienceComputer Science (R0)