Industrial Networks and Intelligent Systems. Second International Conference, INISCOM 2016, Leicester, UK, October 31 – November 1, 2016, Revised Selected Papers

Research Article

Security Visualization: Detecting Denial of Service

  • @INPROCEEDINGS{10.1007/978-3-319-52569-3_4,
        author={Glen Hawthorne and Ying He and Leandros Maglaras and Helge Janicke},
        title={Security Visualization: Detecting Denial of Service},
        proceedings={Industrial Networks and Intelligent Systems. Second International Conference, INISCOM 2016, Leicester, UK, October 31 -- November 1, 2016, Revised Selected Papers},
        proceedings_a={INISCOM},
        year={2017},
        month={6},
        keywords={Denial of service attack Security visualization Web logs Intrusion detection},
        doi={10.1007/978-3-319-52569-3_4}
    }
    
  • Glen Hawthorne
    Ying He
    Leandros Maglaras
    Helge Janicke
    Year: 2017
    Security Visualization: Detecting Denial of Service
    INISCOM
    Springer
    DOI: 10.1007/978-3-319-52569-3_4
Glen Hawthorne1,*, Ying He1,*, Leandros Maglaras1,*, Helge Janicke1,*
  • 1: De Montfort University
*Contact email: grhawthorne@googlemail.com, ying.he@dmu.ac.uk, leandros.maglaras@dmu.ac.uk, heljanic@dmu.ac.uk

Abstract

Denial Of Service attacks are notorious attack methods used to target servers of IT systems and Industrial Control Systems to prevent them from working or to reduce efficiency, hence decreasing user experience. Visualization is the method of taking data, processing and displaying data in an easy to view format. Visualization could be used to identify Denial Of Service attacks by monitoring the data sent to clients and being displayed to the users. Manipulating the type of data shown and the format it is shown in can help users spot potential attacks by seeing outliers in the data sets. This research develops novel software that can run on an web server. It processes the web access logs, displays the data to users and identify potential attacks in access logs. The software has been tested, with the majority of tests passing. Further development of the project is discussed and the main areas for development are also explored.