Blackhat/DEFCON Visualization Retrospective

[Image: Las Vegas - Encore, Wynn & Palazzo Towers]

From a data mining and visualization perspective, the conferences in Las Vegas offered a couple of highlights for me. First of all, Raffy’s book Applied Security Visualization was finally launched, and I had the first chance to see and hold the book with the DAVIX CD in my own hands at the bookseller booth. After hours of reviewing the book and building the live CD during the last eight months, it was a great relief that it was finally done.

I very much anticipated Greg Conti’s and Erik Dean’s talk on binary visualization (PPT Slides). Their newest tool, DanglyBytes, allows for interactive analysis of binary data in multiple views. The different views decode data in multiple ways. There is a view that just prints the bit stream in a window, while another decodes a series of bytes as RGB values. Their demo of a Windows error dump was a revelation: using a slider on one of the views, they could adjust the column width of the view. While moving the slider, Google and Wikipedia images began to appear out of the noise. I am looking forward to playing around with it myself.

Another interesting discovery at the Blackhat vendor area was the company Lookingglass with their software as a service (SaaS) called ScoutVision. They have built an infrastructure that stores Internet meta information in a database and provides its customers with client software to access and visualize this information remotely. For well-paying customers they offer a service where clients can tie in their own IT data.

[Image: Main Entrance Caesars Palace]

While preparing for the DAVIX Visualization Workshop in the CTF lounge, I saw a dude visualizing network traffic in Processing. I approached him and we started chatting about visualization. Interestingly, he knew about neither secviz.org nor DAVIX. Over the course of DEFCON I found out that many people are toying around with visualization as well, but there is no interaction between these people. This is definitely a thing that we should be working on over the upcoming months. I hope that DAVIX will help to connect people interested in security visualization.

On Sunday our DAVIX Visualization Workshop was on (Slides). During our introductory talk on DAVIX there were about 120 attendees. We were very surprised to see such interest, although many DEFCON participants had already gone home and it was during the last three hours of DEFCON. So there is definitely potential for future activities.

*** This is a Security Bloggers Network syndicated blog from iplosion security authored by jan.monsch. Read the original post at: http://www.iplosion.com/archives/69