Analytical Visualization Techniques for Security Information and Event Management

Abstract

The paper proposes the architecture of the visualization component for the Security Information and Event Management (SIEM) system. The SIEM systems help to comprehend large amounts of the security data. Visualization is the essential part of the SIEM systems. The suggested architecture of the visualization component allows incorporating different visualization technologies and extending easily the application functionality. To illustrate the approach, we developed the prototype of the SIEM visualization component. The paper demonstrates the graphical user interface of the attack modeling component. To increase the efficiency of the visualization techniques we applied principles of the human information perception and interaction issues when designing graphical components.