Honeynet Forensic Challenge 10
Real-Time Visual Analytics: Interactive Monitoring of System Log Events
With a modified version of our visual analytics tool, Event Visualizer, we won the Forensic Challenge 2011/10 about attack visualization by The Honeynet Project. Our submission can be found here.
Software
The log monitoring tool used in this challenge, which is based on the Event Visualizer framework, is not open source yet. It is unclear if I will publish the software, because I’m unsure how much time I can spend on that project in the near future to make it useful for a broader audience. However, a publication about this general visual analytics framework will be published at SAC 2012. Its main purpose is visual analytics for general real-time event data.