Visualizing Real-Time Network Resource Usage

Authors:
Ryan Blue;Cody Dunne;Adam Fuchs;Kyle King;Aaron Schulman
Affiliations:
Department of Computer Science, University of Maryland, College Park;Department of Computer Science, University of Maryland, College Park;Department of Computer Science, University of Maryland, College Park;Department of Computer Science, University of Maryland, College Park;Department of Computer Science, University of Maryland, College Park
Venue:
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Year:
2008

Citing 12
Cited 1

Tree visualization with tree-maps: 2-d space-filling approach

ACM Transactions on Graphics (TOG)
Graph drawing by force-directed placement

Software—Practice & Experience
Graph Visualization and Navigation in Information Visualization: A Survey

IEEE Transactions on Visualization and Computer Graphics
An Eye on Network Intruder-Administrator Shootouts

Proceedings of the Workshop on Intrusion Detection and Network Monitoring
A blueprint for introducing disruptive technology into the Internet

ACM SIGCOMM Computer Communication Review
Home-centric visualization of network traffic for security administration

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
A Visual Approach for Monitoring Logs

LISA '98 Proceedings of the 12th USENIX conference on System administration
prefuse: a toolkit for interactive information visualization

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A Visual Exploration Process for the Analysis of Internet Routing Data

Proceedings of the 14th IEEE Visualization 2003 (VIS'03)
Root Polar Layout of Internet Address Data for Security Administration

VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Network Visualization by Semantic Substrates

IEEE Transactions on Visualization and Computer Graphics
Mapping and visualizing the internet

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference

MalwareVis: entity-based visualization of malware network traces

Proceedings of the Ninth International Symposium on Visualization for Cyber Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present NetGrok, a tool for visualizing computer network usage in real-time. NetGrok combines well-known information visualization techniques--overview, zoom & filter, details on demand--with network graph and treemap visualizations. NetGrok integrates these tools with a shared data store that can read PCAP-formatted network traces, capture traces from a live interface, and filter the data set dynamically by bandwidth, number of connections, and time. We performed an expert user case study that demonstrates the benefits of applying these techniques to static and real-time streaming packet data. Our user study shows NetGrok serves as an "excellent real-time diagnostic," enabling fast understanding of network resource usage and rapid anomaly detection.