Gaining an overview of host activities is hard when a host is busily exchanging hundreds or thousands of flows over a network. This makes investigating the traffic of a suspicious host a tedious task for a security analyst. We propose a novel host traffic visualization technique that reduces this cognitive burden by (i) representing traffic through an annotated k-partite graph reflecting familiar Berkeley socket model semantics, (ii) employing a host role summarization for effective removal of ephemeral traffic features, and (iii) providing classification and filtering techniques for unwanted traffic, which are important for identifying the functional role of port numbers and for visualization. We present the open-source tool HAPviewer and demonstrate how it can visualize a large number of flows through a compact and easily interpretable graph.