The objective of this paper is to provide guidelines on information security data visualization and insights with repeatable process and examples on visualizing (communicating) information security data. Security data visualization can be used in many areas in information security. Security metrics, Security monitoring, anomaly detection, forensics, and malware analysis are examples where security data visualization can play a vital role and make us better security professionals. Security data visualization also plays key role in emerging fields such as data science, machine learning, and exploratory data analytics. There are many uses for security data visualization; so, in order to cover key aspects the paper is categorized in to two parts. The first category is communicating value. There is a well-known proverb “a picture is worth a thousand words” (Piqua Leader-Dispatch, One Look Is Worth A Thousand Words, 1913, p. 2) which explains this. The problem with traditional metrics is numbers and tables can be daunting and details can be missed easily. Visualizing it will enable the security team to highlight the salient points in the data. Security data visualization enables you to tell a story with the data. Information security is becoming a common topic in boardroom discussions and it is becoming more and more important that the value of information security is communicated to business leaders. The second category is finding anomalies using security data visualization. One of the key strengths of security teams is access to enterprise log data, meta-data, network traffic data, and netflow data. The challenge is finding and isolating the bad actors from legitimate traffic. The human mind, by evolution, is trained to identify patterns and anomalies using visualization. Security professionals can benefit by visualizing enterprise data to find anomalies and identify patterns which will be helpful in isolating events which might indicate compromise. Hopefully some of the examples will be useful to generate more ideas in this space and will be a valuable resource for all Information Security practitioners. Once security professionals get an understanding of using security data visualization it will open a whole new world and there is a possibility that this knowledge of security data science will have significant improvement on information security tasks. Security Data Visualization [email protected] 1.0 Introduction Security data visualization can be used in many areas in information security. Security metrics, Security monitoring, anomaly detection, forensics, and malware analysis are examples where security data visualization can play a vital role and make us better security professionals. Till now security professionals were able to survive with Microsoft Excel and similar tools without in-depth knowledge in security data visualization. But security data visualization is becoming extremely important due to big data, machine learning and exploratory data analytics. Due to the volume of data in big data it is extremely impossible to find anomalies using traditional methods. First thing to do after a statistical computation is to understand the data visually. Recent generations of SIEM log collection and correlation solutions use big data analytics. Security data visualization plays a very vital part in analyzing the big data. Data science field is evolving at a rapid pace. Data visualization is important component of data science. Botnet Visualization Microsoft’s Digital Crimes Unit tapped The Office for Creative Research, a multidisciplinary digital design group based in New York, to come up with new ways of looking at one particular threat: botnets, the global networks of infected computers that cyber criminals enlist to do their bidding. OCR came up with a prototype tool called Specimen Box. Specimen Box offers many views including live display of botnet activity “which can be used to analyze botnet data” (“#005: The Sight and Sound of CyberCrime”, o-c-r.org, 2014, para. 3). Security Data Visualization [email protected] Reverse Engineering Security data visualization is used more and more in reverse engineering. “In this engaging TED(TED is a platform for ideas worth spreading talk, Chris Domas shows how researchers use pattern recognition and reverse engineering (and pull a few allnighters) using visualization to understand a chunk of binary code whose purpose and contents they don’t know.”( Domas, C. (n.d.).
PLACE YOUR ADVERT HERE
- ACCOUNTING PROJECT TOPICS AND MATERIALS3553
- EDUCATION PROJECT TOPICS AND MATERIALS3486
- ENGLISH AND LINGUISTIC PROJECT TOPICS AND MATERIALS2939
- COMPUTER SCIENCE PROJECT TOPICS AND MATERIALS FINAL YEAR1274
- BANKING AND FINANCE PROJECT TOPICS AND MATERIALS1250
- BUSINESS ADMINISTRATION PROJECT TOPICS AND MATERIALS1236
- EDUCATION FOUNDATION GUIDANCE AND COUNSELLING TOPICS AND MATERIALS1045
- ZOOLOGY PROJECT TOPICS AND MATERIALS1002
- MASS COMMUNICATION PROJECT TOPICS AND MATERIALS1001
- ANIMAL SCIENCE PROJECT TOPICS AND MATERIALS978
- LAW PROJECT TOPICS AND MATERIALS896
- ARTS EDUCATION PROJECT TOPICS AND MATERIALS844
- MARKETING PROJECT TOPICS AND MATERIALS690
- AGRICULTURAL EXTENSION PROJECT TOPICS AND MATERIALS676
- PUBLIC ADMINISTRATION PROJECT TOPICS AND MATERIALS654
LATEST PROJECTS
STUDIES ON SOME ASPECTS OF ANTHRACNOSE-BLIGHT-DIEBACK COMPLEX OF CULTIVARS OF GRAPEVINES (VITIS SPP.) IN...
GENETIC VARIABILITY STUDIES OF TWENTY POTATO GENOTYPES
RELATIONSHIP OF HAEMOGLOBIN AND POTASSIUM POLYMORPHISM WITH CONFORMATION, MILK PRODUCTION AND BLOOD BIOCHEMICAL PROFILES...
ADOPTION OF AGRICULTURAL INNOVATIONS AMONG MEMBERS AND NON-MEMBERS OF WOMEN CO-OPERATIVE SOCIETIES IN OJU...
SMALL FARMER CREDIT WITH PARTICULAR REFERENCE TO NIGERIA
DISCLAIMER
All undertaking works, records and reports posted on this website, modishproject.com are the property/copyright of their individual proprietors. They are for research reference/direction purposes and the works are publicly supported. Do not present another person’s work as your own to maintain a strategic distance from counterfeiting its results. Use it as a guide and not to duplicate the work in exactly the same words (verbatim). modishproject.com is a vault of exploration works simply like academia.edu, researchgate.net, scribd.com, docsity.com, coursehero and numerous different stages where clients transfer works. The paid membership on modishproject.com is a method by which the site is kept up to help Open Education. In the event that you see your work posted here, and you need it to be eliminated/credited, it would be ideal if you call us on +2348053692035 or send us a mail along with the web address linked to the work, to [email protected]. We will answer to and honor each solicitation. Kindly note notification it might take up to 24 - 48 hours to handle your solicitation.