William Yurcik

The number of attacks against large computer systems is currently growing at a rapid pace. Despite the best efforts of security analysts, large organizations are having trouble keeping on top of the current state of their networks. In this paper, we describe a tool called NVisionIP that is designed to increase the security analyst's situational awareness.
We routinely hear vendors claim that their systems are “secure.” However, without knowing what assumptions are made by the vendor, it is hard to justify such a claim. Prior to claiming the security of a system, it is important to identify the threats to the system in question. Enumerating the threats to a system helps system architects develop realistic and …
We present a visualization design to enhance the ability of an administrator to detect and investigate anomalous traffic between a local network and external domains. Central to the design is a parallel axes view which displays NetFlow records as links between two machines or domains while employing a variety of visual cues to assist the user. We describe …
The critical role of the human operator in security operations has not been a focus of existing tools created by security developers. In this paper we describe interface requirements for usable and effective security operations tools to assess security situational awareness on large and complex computer networks. We have developed two prototype security …
Tele-immersive systems can improve productivity and aid communication by allowing distributed parties to exchange information via a shared immersive experience. The TEEVE research project at the University of Illinois at Urbana-Champaign and the University of California at Berkeley seeks to foster the development and use of tele-immersive environments by a …
The popularity of distributed file systems continues to grow. Reasons they are preferred over traditional centralized file systems include fault tolerance, availability, scalability and performance. In addition, peer-to-peer (P2P) system concepts and scalable functions are being incorporated into the domain of file systems. This survey paper explores the …
Intrusion detection is an important part of networked systems security protection. Although commercial products exist, finding intrusions has proven to be a difficult task with limitations under current techniques. Therefore, improved techniques are needed. We argue the need for correlating data among different logs to improve intrusion detection systems …
We present the design and implementation of VisFlowConnect, a powerful new tool for visualizing network traffic flow dynamics for situational awareness. The visualization capability provided by VisFlowConnect allows an operator to assess the state of a large and complex network given an overall view of the entire network and filter/drill-down features with …
Application-level peer-to-peer (P2P) network overlays are an emerging paradigm that facilitates decentralization and flexibility in the scalable deployment of applications such as group communication, content delivery, and data sharing. However, the construction of the overlay graph topology optimized for low latency, low link and node stress and lookup …