Applications of Mind Mapping automation in the analysis of information security log files

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

Mind Mapping automation in information security log analysis

(C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

Manually reviewing log files has the following problems:

• Time consuming

• Monotonous

• Difficult to prioritize events

• Difficult to visualize important events

Advantages of Mind Maps

• Visual display of information • Information grouped by device, date-time, type

of event and type of file • Flexible • Easy to add comments and callouts to the basic

Mind Map • Easy to share • Exportable to PDF, Word and HTML • Tree structure • Searchable

Example of application of Mind Mapping automation

Endpoint Protector

Data Loss Prevention solution

“Make sure sensitive data does not leave your network whether copied on devices, clipboard or through applications, online services and even as screen captures.”

Endpoint Protector

Log generated by Endpoint Protector

Example of a log file generated by Endpoint Protector

Mind Maps generated

• Events by device

• Events by date-time

• Events by type of event

• Events by type of file

• Events by user

EVENTS BY DEVICE

Log file processed with Mind Mapping automation

Overview

USB – 1

USB – 2 (Events)

USB - 2

Webcam

Network Adapter

WiFi Adapter

CD-ROM

EVENTS BY DATE-TIME

Level 1

Overview

Events in a day

EVENTS BY TYPE OF EVENT

Overview

Level 1

File read

File rename

File delete

Enabled

Disconnected

EVENTS BY TYPE OF FILE

Overview

Level 1

url file

Application

EVENTS BY USER LOGGED

Overview

Level 1

User: Alice Johnson

User: John Smith

REVIEW PROCESS

Review detail of a File delete

Mind Map of the events to review by user logged

Summary

• Mind Mapping automation is a very useful tool to analyze security logs

• It can be adapted to any type of log

• It reduces the analysis time

• It is very scalable

• It simplifies the analysis of log files

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

Contact Information

• José M. Guerrero

• jm@infoseg.com

• Slideshare Presentations

Applications of Mind Mapping automation in the analysis of information security log files

Technology

Mind mapping serres

Mapping the Mind

Concept mapping, mind mapping and argument mapping: …fbe.unimelb.edu.au/__data/.../632516/mind_concept_argument_mappi… · Concept mapping, mind mapping and argument ... academics

Mind Mapping

Mind mapping cts

Try Mind Mapping

Mind Mapping Workshop

Concept mapping, mind mapping and argument mapping: what ... · concept mapping has been developed to address these limitations of mind mapping. Concept mapping Concept mapping is

Concept Mapping, Mind Mapping and Argument Mapping: What ... · PDF fileConcept Mapping, Mind Mapping and Argument Mapping: ... a number of education-related purposes. ... Novakian

Mind mapping

Mind mapping en Concept mapping

Using Mind Mapping Techniques in Testing - ANZTB · Using Mind Mapping Techniques in Testing Marie Walsh mariewalsh@anztb.org . ... Mind Mapping ATM …

Mind Mapping. Mind Mapping Overview By the end of this lecture you should be able to: Define “mind mapping” Describe the main advantages of mind mapping

Mind Mapping Slides

Mapping our Mind

Application of mind mapping automation in the analysis of information security log files Malwarebytes

Concept mapping, mind mapping and argument mapping: what

Mind Mapping Examples

Concept Mapping, Mind Mapping