Visual Analysis of Network Traffic for Resource Planning, Interactive Monitoring, and Interpretation of Security Threats

Authors:
Florian Mansmann;Daniel A. Keim;Stephen C. North;Brian Rexroad;Daniel Sheleheda
Affiliations:
-;-;-;-;-
Venue:
IEEE Transactions on Visualization and Computer Graphics
Year:
2007

Citing 11
Cited 11

Ordered and quantum treemaps: Making effective use of 2D space to display hierarchies

ACM Transactions on Graphics (TOG)
CAIDA: Visualizing the Internet

IEEE Internet Computing
Multidimensional Database Technology

Computer
Interactive Information Visualization of a Million Items

INFOVIS '02 Proceedings of the IEEE Symposium on Information Visualization (InfoVis'02)
Tree-Maps: a space-filling approach to the visualization of hierarchical information structures

VIS '91 Proceedings of the 2nd conference on Visualization '91
Detecting Flaws and Intruders with Visual Data Analysis

IEEE Computer Graphics and Applications
RecMap: Rectangular Map Approximations

INFOVIS '04 Proceedings of the IEEE Symposium on Information Visualization
Root Polar Layout of Internet Address Data for Security Administration

VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Hierarchical Visualization of Network Intrusion Detection Data

IEEE Computer Graphics and Applications
On rectangular cartograms

Computational Geometry: Theory and Applications
Mapping and visualizing the internet

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference

Large-Scale Network Monitoring for Visual Analysis of Attacks

VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Visual support for analyzing network traffic and intrusion detection events using TreeMap and graph representations

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Visual analysis of news streams with article threads

Proceedings of the First International Workshop on Novel Data Stream Pattern Mining Techniques
EMBER: a global perspective on extreme malicious behavior

Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Neural visualization of network traffic data for intrusion detection

Applied Soft Computing
Adjacency-preserving spatial treemaps

WADS'11 Proceedings of the 12th international conference on Algorithms and data structures
The World's Languages Explorer: Visual Analysis of Language Features in Genealogical and Areal Contexts

Computer Graphics Forum
Visual comparison for information visualization

Information Visualization - Special issue on State of the Field and New Research Directions
Visual analytics: towards intelligent interactive internet and security solutions

The Future Internet
Visual analysis of complex firewall configurations

Proceedings of the Ninth International Symposium on Visualization for Cyber Security
RT-MOVICAB-IDS: Addressing real-time intrusion detection

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Internet has become a wild place: malicious code is spread on personal computers across the world, deploying botnets ready to attack the network infrastructure. The vast number of security incidents and other anomalies overwhelms attempts at manual analysis, especially when monitoring service provider backbone links. We present an approach to interactive visualization with a case study indicating that interactive visualization can be applied to gain more insight into these large data sets. We superimpose a hierarchy on IP address space, and study the suitability of Treemap variants for each hierarchy level. Because viewing the whole IP hierarchy at once is not practical for most tasks, we evaluate layout stability when eliding large parts of the hierarchy, while maintaining the visibility and ordering of the data of interest.