Information visualization: a cyber security storm map

When a cyber security event occurs, a person has to answer the following questions: what events are happening, where the events are occurring, and how much damage has occurred or will occur. Therefore, this research recommends a cyber security monitoring system that correlates time-series event data, provides a visual representation of the security events, and gives a predictive forecast of potential events based on known environmental states. The rationale for this comes from the need to have an overall view of the security events or storms that are occurring on a network, together with information about their severity and propagation pattern. Thus, it can potentially provide early warnings so that events or storms can be proactively mitigated. In addition, it can help in making business decisions by determining or understanding the relationship between the computing devices and the business/information technology services they make up. Therefore, the goal of the research is to develop efficient software to visualize security events in a user-friendly manner. To achieve this goal, different fields are leveraged, such as the following: Business Continuity, Information Visualization, Human-Computer Interaction (HCI), Network Security, and Data Mining. To accomplish the aforementioned features, methods such as event correlation, geospatial information, information visualization, and human-computer interaction are incorporated.