Visual correlation of host processes and network traffic

@article{Fink2005VisualCO,
  title={Visual correlation of host processes and network traffic},
  author={Glenn A. Fink and Paul Muessig and Chris North},
  journal={IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05).},
  year={2005},
  pages={11-19}
}
Anomalous communication patterns are one of the leading indicators of computer system intrusions according to the system administrators we have interviewed. But a major problem is being able to correlate across the host/network boundary to see how network connections are related to running processes on a host. This paper introduces Portall, a visualization tool that gives system administrators a view of the communicating processes on the monitored machine correlated with the network activity in… CONTINUE READING
Highly Cited
This paper has 62 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
Showing 1-10 of 32 extracted citations

62 Citations

051015'07'10'13'16
Citations per Year
Semantic Scholar estimates that this publication has 62 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 14 references

Rivet: The Visible Computer

  • Robert Bosch
  • http://graphics.stanford.edu/projects/rivet…
  • 2005
2 Excerpts

System Administrators and Their Security Awareness Tools.

  • Glenn A. Fink, Ricardo Correa, Chris North
  • 2005
2 Excerpts

The Host/Network Divide.

  • Glenn A. Fink, Vedavyas Duggirala, Chris North
  • submitted for publication,
  • 2005
2 Excerpts

Similar Papers

Loading similar papers…