Presented at
CarolinaCon 14 (2018),
April 13, 2018, 10 p.m.
(60 minutes)
This talk will discuss the benefits of data visualization when performing security analysis and also presenting analysis findings. Too often information security analysts try to solve complex security problems by looking at the output of a .txt document. Even worse they present their findings with the same dull output they used for analysis. The security community need to take some direction from the infographic age and display data in way their clients can easily digest. During this talk I will talk about a variety of techniques one could use to help identify malicious patterns in data sets and how to present them by visualizing the data in graphs like:
Time Series / Timelines
Distributions
Correlation Plots
Ranking
Maps
Flow
These visualizations (if used correctly) can serve as a tool for information security analysts to detect and present findings that show the threat.
Presenters:
-
TJ (@reonfleek)
TJ Nelson is a Research Analyst on Arbor's ASERT Team. His duties include analyzing emerging threats to Internet security, reverse engineering malicious code and communications protocols, developing policies for attack mitigation, and contributing to the continual improvement and automation of Arbor's internal threat analysis software infrastructure. Prior to Arbor, TJ was a Senior Incident Response Consultant for SecureWorks where he investigated large scale targeted threat intrusions for their Special Operations Team. He organizes his local Security B-Sides conference and leads a local information security group. TJ has a B.S. in Network Security from Rochester Institute of Technology and a M.S. Computer Information Systems from Boston University.
Links:
Similar Presentations: