1 / 15

Using Geographic Information Systems for Enhanced Security Visualization

Using Geographic Information Systems for Enhanced Security Visualization. Matthew Dunlop David Shelly. Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech. Agenda. Purpose Problem Study Design Results Prototype Future.

dnieto
Télécharger la présentation

Using Geographic Information Systems for Enhanced Security Visualization

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Using Geographic Information Systems for Enhanced Security Visualization Matthew Dunlop David Shelly Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech

  2. Agenda • Purpose • Problem • Study • Design • Results • Prototype • Future Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech

  3. Purpose • To design a usable security visualization prototype tool that leverages global information systems (GIS) • Present security information more clearly • Facilitate rapid identification of network security shortcomings • Allow better protection of critical network assets

  4. Problem • Information overload • VT processes over 5 million emails per day • Manages over 500 SMTP & 3500 HTTP servers • Analysts rely on multiple tools • Analysis takes more time • Popular tools are not very usable • Primarily text based • Do not scale well for large networks • Graphical representations are not intuitive • GIS adds context as well as scalability

  5. Current Security Tools – Text-based Snort Wireshark

  6. Current Security Tools – Graphical The Network Visualizer Rumint

  7. Study Design - Participants • Virginia Tech system administrators • SANS IT professionals • U.S. Army network engineers 50 respondents

  8. Study Design – Question Areas • Background Information • System Information • Security Information • Security Tools • GIS Information

  9. Study Results – Background

  10. Study Results - Preferences • Top usability improvements • Improved user interface • Better summary of information • Improved visual representation • Other findings • Prefer customizability • Multiple tools = longer time to isolate threats Most important aspects of security tools

  11. Study Results - Visualization • Visualization not widely used • 50% never used it to visualize networks • 76% never used it to visualize security • Openness to GIS visualization • 76% feel GIS tool would be useful for network visualization • 50% envision using it for security visualization • Helpful in explaining security to technical and nontechnical audiences

  12. PrototypeDesign Color-coded security status Ability to drill down Filtering options Device details

  13. Detailed View

  14. Future Work • Build working model of prototype • Conduct usability study

  15. Questions

More Related