Publications
Books, papers, and related publication record.
Books
The Security Data Lake
This book is the first publication to explain the concept of a security data lake using big data technologies.
Security Data Visualization
Two contributed chapters, one on firewall log analysis and one on IDS signature tuning using visual methods.
Applied Security Visualization
Being the first published book on security visualization, this book provides a hands-on exploration of the topic of visualization in the cyber security realm.
Snort - IDS and IPS Toolkit
Contributed chapter on security data analysis and reporting for Snort.
Papers
Cloud Application Logging for Forensics
Identifying and Visualizing the Malicious Insider Threat Using Bipartite Graphs
Challenge 5 of the Forensic Challenge 2010 - Log Mysteries
DAVIX gegen Goliath
Security Visualization - Learning From The New York Times
Design of an Intrusion-Tolerant Intrusion Detection System
Long-term research project funded by the European Union under the Information Society Fifth Framework Programme.
GCIA paper
How I analyzed a dataset given by SANS. I used graphing techniques, GraphViz and other tools, to automatically generate visual images of the dataset. I was a bit too enthusiastic and wrote way too much. The additional chapters are therefore published here.
IP over Everything
Mixer
NIST 800-41
Contributed to the Guidelines on Firewalls and Firewall Policy.
NIST 800-92
Contributed to the Guide to Computer Security Log Management.
special page
Thor