Four Steps to Visual Analytics for Cyber Security
Step 1: Data preparation
Step 2: Statistical classification & feature selection
Step 3: Visual anomaly detection
Step 4: Visual analytics
VAST 2013 Challenge
Mini-Challenge 3: Visual Analytics for Network Situation Awareness
SAS Enterprise Guide (for data pre-processing)
SAS Enterprise Miner (for statistical classification and feature selection)
SAS Visual Analytics (for information visualization)
What are the key network and machine problems?
Which are key variables?
When did they occur?
Where are suspicious external IP addresses, and compromised internal servers and workstations?
Statistical classification and feature selection
Visual analytics for visual anomaly detection
Visual analytics for drilling down into specifics
w1 NF + BB
w2 NF + BB
w2 NF + BB + IPS
High accuracy from all 3 logistic regression models (R² > 0.97)
Data with 1-minute granularity with most suspicious minutes worthy of investigation into raw datasets
Line charts (with forecasting)
Treemaps (with hierarchies)
Bubble plots (with animation)