I have just published an article related to malware collection log visualization.
The paper focus on visualization of Nepenthes logs using AfterGlow. In the paper you can find information about correlation ips with countries and binary files with ClamAV signatures with the goal of generating interesting graphs.
You can get it at
An approach to malware collection log visualization
Regards
Trackback URL for this post:
http://secviz.org/trackback/106
Broken Link
The above link is broken, luckily PacketStorm mirrored it already:
http://packetstormsecurity.org/papers/evaluation/An-approach-to-malware-collection-log-visualization.pdf