| Popis: |
PurposeThe purpose of this paper is to propose novel information visualization and interaction techniques to help security administrators analyze past web form submissions, with the goals of searching, inspecting, verifying, and understanding about malicious submissions.Design/methodology/approachThe authors utilize well‐known visual design principles in the techniques to support the analysis process. They also implement a prototype and use it to investigate simulated normal and malicious web submissions.FindingsThe techniques can increase analysts' efficiency by displaying large amounts of information at a time, help analysts detect certain kinds of anomalies, and support the analyzing process via provided interaction capabilities.Research limitations/implicationsDue to resources constraints, the authors experimented on simulated data only, not real data.Practical implicationsThe techniques can be used to investigate past web form submissions, which is a first step in analysing and understanding the current security situation and attackers' skills. The knowledge gained from this process can be used to plan for effective future defence strategy, e.g. by improving/fine‐tuning the attack signatures of an automatic intrusion detection system.Originality/valueThe visualization and interaction designs are the first visual analysis technique for security investigation of web form submissions. |
