Proposal / Submission Type
Peer Reviewed Paper
Location
Burlington, Vermont
Start Date
20-5-2009 2:30 PM
Abstract
This research-in-progress paper explores the use of Graphviz and Afterglow for the analysis of data emanating from a honeypot system. Honeypot systems gather a wide range of data that is often difficult to search readily for patterns and trends using conventional log file analysis techniques. The data from the honeypots has been statically extracted and processed through Afterglow scripts to produce inputs suitable for use by the DOT graph-based tools contained within Graphviz. This paper explores some of the current benefits and drawbacks of this type of approach.
Keywords: honeypot, network forensics, visualization, Graphviz, Afterglow
Scholarly Commons Citation
Valli, Craig, "Visualization of honeypot data using Graphviz and Afterglow" (2009). Annual ADFSL Conference on Digital Forensics, Security and Law. 4.
https://commons.erau.edu/adfsl/2009/wednesday/4
Included in
Computer Engineering Commons, Computer Law Commons, Electrical and Computer Engineering Commons, Forensic Science and Technology Commons, Information Security Commons