Cylindrical Coordinates Security Visualization for multiple domain command and control botnet detection

Ilju Seo, Heejo Lee, Seung Chul Han

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

The botnets are one of the most dangerous species of network-based attack. They cause severe network disruptions through massive coordinated attacks nowadays and the results of this disruption frequently cost enterprises large sums in financial losses. In this paper, we make an in-depth investigation on the issue of botnet detection and present a new security visualization tool for visualizing botnet behaviors on DNS traffic. The core mechanism is developed with the objective of enabling users to recognize security threats promptly and mitigate the damages by only visualizing DNS traffic in cylindrical coordinates. We compare our visualization method with existing ones and the experimental results show that ours has greater perceptual efficiency. The ideas and results of this study will contribute toward designing an advanced visualization technique that offers better security. Also, the approach proposed in this study can be utilized to derive new and valuable insights in security aspects from the complex correlations of Big Data.

Original languageEnglish
Pages (from-to)141-153
Number of pages13
JournalComputers and Security
Volume46
DOIs
Publication statusPublished - 2014 Jan 1

ASJC Scopus subject areas

  • Computer Science(all)
  • Law

Fingerprint Dive into the research topics of 'Cylindrical Coordinates Security Visualization for multiple domain command and control botnet detection'. Together they form a unique fingerprint.

  • Cite this