Visual exploration of network hostile behavior

Jorge Guerra, Carlos Adrián Catania, Eduardo Veas

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


This paper presents a graphical interface to identify hostile behavior in network logs. The problem of identifying and labeling hostile behavior is well known in the network security community. There is a lack of labeled datasets, which make it difficult to deploy automated methods or to test the performance of manual ones. We describe the process of searching and identifying hostile behavior with a graphical tool derived from an open source Intrusion Prevention System, which graphically encodes features of network connections from a log-file. A design study with two network security experts illustrates the workflow of searching for patterns descriptive of unwanted behavior and labeling occurrences therewith.
Original languageEnglish
Title of host publicationProceedings of the 2017 ACM Workshop on Exploratory Search and Interactive Data Analytics
PublisherAssociation of Computing Machinery
Number of pages4
ISBN (Electronic)978-145034903-1
Publication statusPublished - 2017
EventACM Workshop on Exploratory Search and Interactive Data Analytics: ESIDA 2017 - Limassol, Cyprus
Duration: 13 Mar 2017 → …


WorkshopACM Workshop on Exploratory Search and Interactive Data Analytics
Period13/03/17 → …

Cite this