Many times, network intrusion attempts begin with either a network scan, where a connection is attempted to every possible destination in a network, or a port scan, where a connect...
Considerable research has been done on detecting and blocking portscan activities that are typically conducted by infected hosts to discover other vulnerable hosts. However, the f...
Most visualizations of security-related network data require large amounts of finely detailed, high-dimensional data. However, in some cases, the data available can only be coars...
Jonathan McPherson, Kwan-Liu Ma, Paul Krystosk, To...
This paper presents PCAV (Parallel Coordinates Attack Visualizer), a real-time visualization system for detecting large-scale Internet attacks including Internet worms, DDoS attack...
Coordinated attacks, where the tasks involved in an attack are distributed amongst multiple sources, can be used by an adversary to obfuscate his incursion. In this paper we prese...