ENAVis: enterprise network activities visualization

Authors:
Qi Liao;Andrew Blaich;Aaron Striegel;Douglas Thain
Affiliations:
University of Notre Dame;University of Notre Dame;University of Notre Dame;University of Notre Dame
Venue:
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
Year:
2008

Citing 8
Cited 3

Introduction to Algorithms

Introduction to Algorithms
MRTG: The Multi Router Traffic Grapher

LISA '98 Proceedings of the 12th Conference on Systems Administration
MieLog: A Highly Interactive Visual Log Browser Using Information Visualization and Statistical Analysis

LISA '02 Proceedings of the 16th USENIX conference on System administration
Visualizing NetFlows for security at line speed: the SIFT tool suite

LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
SANE: a protection architecture for enterprise networks

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Ethane: taking control of the enterprise

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Towards highly reliable enterprise network services via inference of multi-level dependencies

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
PolicyVis: firewall security policy visualization and inspection

LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference

Visualizing graph dynamics and similarity for enterprise network security and management

Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Managing networks through context: Graph visualization and exploration

Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient multidimensional aggregation for large scale monitoring

lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the prevalence of multi-user environments, it has become an increasingly challenging task to precisely identify who is doing what on an enterprise network. Current management systems that rely on inferring user identity and application usage via log files from routers and switches are not capable of accurately reporting and managing a large-scale network due to the coarseness of the collected data. We propose a system that utilizes finer-grained data in the form of local context, i.e., the precise user and application associated with a network connection. Through the use of dynamic correlation and graph modeling, we developed a visualization tool called ENAVis (Enterprise Network Activities Visualization). ENAV is aids a real-world administrator in allowing them to more efficiently manage and gain insight about the connectivity between hosts, users, and applications that is otherwise obfuscated, lost or not collected in systems currently deployed in an enterprise setting.