This is where you can start discussions around security visualization topics. Add your own entry and have people make comments.
Discussions
Discussion Entries
DAVIX Workshop Slides from DefCon 2008
For those who are interested, here are the slides from the DAVIX workshop that Jan Monsch and Raffael Marty taught at DefCon 2008 in Vegas. The content is as follows:
- What's DAVIX all about? Architecture of the CD, etc.
- Very short introduction to Visualization
- An example analysis, how to detect worms in cell phone networks
Learn more about DAVIX.
DAVIX 1.0.1 Released
After months of building and testing, the long-anticipated release of DAVIX - The Data Analysis & Visualization Linux® - arrived last week during Blackhat/DEFCON in Las Vegas. It is a very exciting moment for us and we are curious to see how the product is received by the audience. So far the ISO image has been downloaded at least 600 times from our main distribution server. Downloads from the mirrors are not accounted for.
All those eager to get their hands dirty immediately can find a description as well as the download links for the DAVIX ISO image on the DAVIX homepage.
We wish you happy visualizing!
Kind regards
Jan
SecViz got a new Logo
Have you noticed? There is a new logo for secviz.org. To be correct this is the first real logo. What was there before wasn't really a logo.

Applied Security Visualization Book is Available!

The Applied Security Visualization book is DONE and available in your favorite store!
You can download an electronic version of Chapter 5 for free! The book also ships with a version of DAVIX, the Data Analysis and Visualization Linux!
Martin McKeay recorded a podcast with me where I talk a little bit about the book.
Picviz 0.2 is out!
From release notes:
Picviz is a parallel coordinates plotter which enables easy scripting from
various input (tcpdump, syslog, iptables logs, apache logs, etc.) to visualize
your data and discover interesting results quickly.
Picviz helps you to create, automate and understand parallel coordinates plots.
Its primary goal is to graph data in order to be able to quickly analyze
problems and find correlations among variables. With security analysis in mind,
the program has been designed to be very flexible, able to graph millions of
events.
The language is designed to be close to the graphviz graph description
language.
Picviz features a language to describe your graphs; an engine producing images
in parallel coordinates from this language; Python bindings to gather
calculated data, raw data and a frontend written in Python and QT4.
You can download the program from its project page.
ISSA Journal - Security Visualization: What you don’t see can hurt you
Russ McRee wrote an article for the ISSA Journal where he describes various security visualization approaches. SecViz is prominently featured, as well as a few tools, such as TNV, InetVis, and Rumint. The article also mentions DAVIX. You can read the article here.
In an older article, Russ talked about Argus – Auditing network activity. In that article, he mentions how to use AfterGlow for network traffic analysis.
Applied Security Visualization PodCast from FIRST 2008
At the end of June, during FIRST 2008, Peter Wood and Ben Chai interviewed me about my Applied Security Visualization talk and my book. I really like how the podcast turned out. Tune in!
Applied Security Visualization - FIRST 2008 Talk
I taught a workshop in Vancouver at the FIRST 2008 conference. I put the slides for the talk about Applied Security Visualization online. It covers parts of the book on the same topic. The outline of the talk looks as follows:
The podcast discussing the presentation.
VizSec 2008 Call for Posters and Demos
VizSEC 2008 Workshop on Visualization for Cyber Security
http://vizsec.org/workshop2008/
September 15, 2008 / Cambridge, MA USA
In conjunction with RAID 2008
Submission deadlines:
Poster and Demo submissions - July 18, 2008
VizSec is accepting submissions (2 page abstract) for posters and demonstrations. Poster and Demo abstracts will be made available on the VizSec web site.
Posters
Posters can be used to describe work in progress or updates to previously published VizSec research or R&D. Poster submissions should consist of a 2 page abstract. Posters will be presented at the VizSec/RAID reception. Abstracts will be made available on the web site.
Demos
Demonstrations can be used to show new or updated development efforts. Demo submissions should consist of a 2 page abstract. Demonstrations will take place at the VizSec/RAID reception. (You will need to bring a laptop for demos.) Abstracts will be made available on the web site.
New Paper - An approach to malware collection log visualization
I have just published an article related to malware collection log visualization.
The paper focuses on visualization of Nepenthes logs using AfterGlow. In the paper you can find information about correlating IPs with countries and binary files with ClamAV signatures with the goal of generating interesting graphs.
You can get it at
An approach to malware collection log visualization
Regards