Intrusion and Advanced Persistent Threat detection systems analyze enormous amounts of data every day. The evidence produced by such systems needs to be presented to an analyst in a clear and understandable way, so that they can easily separate important suspicious behavior from what is just regular network traffic. To do this, the expert needs an intuitive and readable visualization of the data.
At cylab.be we are developing an Advanced Persistent Threat detection system with built-in data visualization: https://cylab.be/research/mark
To start this project you should have some knowledge of:
To complete this project, you will use the following tools and technologies: