Document Type

Journal Article

Publisher

Association of Digital Forensics, Security and Law

Faculty

Computing, Health and Science

School

Computer and Security Science, Centre for Security Research

RAS ID

8222

Comments

This article was originally published as: Valli, C. (2009). Visualisation of Honeypot Data Using Graphviz and Afterglow. Journal of Digital Forensics, Security and Law, 4(2), 27-38. Original article available here

Abstract

This research in progress paper explores the use of Graphviz and Afterglow for the analysis of data emanating from a honeypot system. Honeypot systems gather a wide range of data that is often difficult to readily search for patterns and trends using conventional log file analysis techniques. The data from the honeypots has been statically extracted and processed through Afterglow scripts to produce inputs suitable for use by the DOT graph based tools contained within Graphviz. This paper explores some of the benefits and drawbacks of currently using this type of approach.

 
COinS