SecGrid: a Visual System for the Analysis and ML-based Classification of Cyberattack Traffic

Franco, Muriel Figueredo; Assen, Jan von der; Boillat, Luc; Killer, Christian; Rodrigues, Bruno; Scheid, Eder J.; Granville, Lisandro Zambenedetti; Stiller, Burkhard

doi:10.1109/lcn52139.2021.9524932

Cited by 11 publications

(3 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the other hand, other researchers focused on collecting data concerning specific types of attacks to be collected and classified. The DDoSGrid dashboard was created in [17] to analyze and visualize distributed denial-of-service (DDoS) attacks. This was motivated by the demand for network operators to recognize the characteristics and behaviors of attacks, and hence more effectively plan cybersecurity strategies.…”

Section: Related Workmentioning

confidence: 99%

“…Our work, in turn, contributes to both works in collecting data from the whole world. Both works proposed in [17,18] focused on collecting data concerning specific types of attacks, i.e., DDoS attacks, to be clustered and classified. Hence, our work contributes to both works in collecting tweets concerning different types of cyberattacks published on the X platform.…”

Section: Comparison With Existing Workmentioning

confidence: 99%

See 1 more Smart Citation

A Novel NLP-Driven Dashboard for Interactive CyberAttacks Tweet Classification and Visualization

Lughbi,

Mars,

Almotairi

2024

Information

View full text Add to dashboard Cite

The pervasive reach of social media like the X platform, formerly known as Twitter, offers unique opportunities for real-time analysis of cyberattack developments. By parsing and classifying tweets related to cyberattacks, we can glean valuable insights into their type, location, impact, and potential mitigation strategies. However, with millions of daily tweets, manual analysis is inefficient and time-consuming. This paper proposes an interactive and automated dashboard powered by natural language processing to effectively address this challenge. First, we created the CybAttT dataset, which contains 36,071 manually labeled English cyberattack tweets. We experimented with different classification algorithms. Following that, the best model was deployed and integrated into the streaming pipeline for real-time classification. This dynamic dashboard makes use of four different visualization formats: a geographical map, a data table, informative tiles, and a bar chart. Users can readily access crucial information about attacks, including location, timing, and perpetrators, enabling a swift response and mitigation efforts. Our experimental results demonstrated the dashboard’s promising visualization capabilities, highlighting its potential as a valuable tool for organizations and individuals seeking an intuitive and comprehensive overview of cyberattack events.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Comparison With Existing Workmentioning

confidence: 99%

A Novel NLP-Driven Dashboard for Interactive CyberAttacks Tweet Classification and Visualization

Lughbi,

Mars,

Almotairi

2024

Information

View full text Add to dashboard Cite

show abstract

“…Such activities often indicate recurring patterns in network usage and can be malicious or benign. Inferring periodic activities of unknown origins will typically trigger a detailed post-mortem and offline forensic analysis by the network operator [Franco et al 2021] to identify the observed periodic activities' root cause(s). Examples of such efforts include detecting anomaly behavior [Du et al 2018, Ji, Choi e Jeong 2015, reconstructing the signal of a network communication [Jiang et al 2020], and analyzing the energy spectrum [Yue et al 2018].…”

mentioning

confidence: 99%

DWT in P4: Periodicity Detection in the Data Plane

Huaytalla

Jacobs

Silva

et al. 2022

GLOBECOM 2022 - 2022 IEEE Global Communications Conference

View full text Add to dashboard Cite

Firstly, I would like to start by thanking my mothers, Raquel, Sara, and Rosula, because you always supported me from a distance, encouraged me, and reminded me of my way and my dreams of pursuing my master's degree in another country. Mommy, until your last days, you guided me and reminded me of what my duty was and gave me the motivation to finish my master's degree; you always will be in my mind and my heart.Raquel, besides being my mother, you are my best friend. Thank you for all the support, love, understanding, and advice you give me daily. It was a great help all this time. Mom Sara, you always encourage me and support my dreams and ideas. All of you are the best of my life. I love you so much.I also thank my advisor, Prof. Lisandro Zambenedetti Granville, first for the opportunity and acceptance to be my advisor for believing and investing in me. I am grateful for the valuable lessons and teachings that you gave me to be a better researcher. In addition, I would like to thank my co-advisor, Prof. Ronaldo Alves Ferreira, for his guidance and time, always trying to polish my inner researcher and helping me with the most challenging problems in our research. Equally, I would like to thank Arthur Selle Jacobs for his guidance, advice, and time to help me understand our research's core. Also, I am thankful to my professors from the Institute of Informatics at UFRGS, who taught me, guided me, and gave me their support during my master's degree, professors Jefferson Campos Nobre and Luciano Paschoal Gaspary. And thank the administrative staff of the informatics institute, Luis Otavio, Silvania, Eliane and Rossane, for the support provided. Also, I want to thank the JEMS project of which I was a part, and it took me to meet Marcus and Tiago, with whom I had the honor of teaming up. I thank my best friend and brother, Victor, for his support. He was always ready to help me when needed, even from a distance, and encouraged me at every step I took.During my journey toward the master's degree, I met exceptional people who always encouraged and supported me. Laura, Marcelo, Francisco, Nicolas, Ricardo, Luciano and Faezeh, thank you very much. Laura and Marcelo, you are an essential part of my life.You became my guardian angels and were my main support in the most difficult times, and Francisco joined the group. Thank you very much for all the support guys. I am very grateful to meet you. I adore you very much. All of you have my profound appreciation.

show abstract

The Role of Network Centralization in Shaping Digital Sovereignty: An Analysis Under the DNS Lens

Azevedo,

Scheid,

Franco

et al. 2024

Int J Network Mgmt

View full text Add to dashboard Cite

Centralization of Internet‐based services in a few key players has been a topic of study in recent years. One of such services, the domain name system (DNS), is one of the pillars of the Internet, which allows users to access websites on the Internet through easy‐to‐remember domain names rather than complex numeric IP addresses. In this DNS context, the reliance on a small number of large DNS providers can lead to (a) risks of data breaches and disruption of service in the event of failures and (b) concerns about the digital sovereignty of countries regarding DNS hosting. As several essential services are provided through electronic government (E‐Gov), it is highly important to be able to measure the digital sovereignty of a nation and the impacts that the lack of such feature can bring to its citizens. This work approaches the issue of DNS concentration on the Internet by presenting a solution to measure DNS hosting centralization and digital sovereignty in different countries, such as Brazil, India, China, Russia, and South Africa. With the data obtained through these measurements, relevant questions are answered, such as which are the top‐10 DNS providers, if there is DNS centralization, and how dependent countries are on such providers to manage domains using their country code top‐level domains (ccTLD). Future opportunities could investigate the impacts on sovereignty under the lens of other layers of the open systems interconnection (OSI) Network Sovereignty representation model presented in this work.

show abstract

SecGrid: a Visual System for the Analysis and ML-based Classification of Cyberattack Traffic

Cited by 11 publications

References 14 publications

A Novel NLP-Driven Dashboard for Interactive CyberAttacks Tweet Classification and Visualization

A Novel NLP-Driven Dashboard for Interactive CyberAttacks Tweet Classification and Visualization

DWT in P4: Periodicity Detection in the Data Plane

The Role of Network Centralization in Shaping Digital Sovereignty: An Analysis Under the DNS Lens

Contact Info

Product

Resources

About