Readings in information visualization: using vision to think
Readings in information visualization: using vision to think
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Detecting Flaws and Intruders with Visual Data Analysis
IEEE Computer Graphics and Applications
NVisionIP: netflow visualizations of system state for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
PortVis: a tool for port-based detection of security events
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
LISA '02 Proceedings of the 16th USENIX conference on System administration
prefuse: a toolkit for interactive information visualization
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Distributed computing in practice: the Condor experience: Research Articles
Concurrency and Computation: Practice & Experience - Grid Performance
IDGraphs: Intrusion Detection and Analysis Using Histographs
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Focusing on Context in Network Traffic Analysis
IEEE Computer Graphics and Applications
A Graph-Theoretic Approach to Enterprise Network Dynamics (Progress in Computer Science and Applied Logic (PCS))
Visualizing NetFlows for security at line speed: the SIFT tool suite
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Towards highly reliable enterprise network services via inference of multi-level dependencies
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
PolicyVis: firewall security policy visualization and inspection
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
NetADHICT: a tool for understanding network traffic
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
A hybrid finite automaton for practical deep packet inspection
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Applied Security Visualization
Applied Security Visualization
NetFlow Data Visualization Based on Graphs
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
ENAVis: enterprise network activities visualization
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
Hi-index | 0.00 |
With the increasing prevalence of multi-user environments in distributed systems, it has become an increasingly challenging task to precisely identify who is doing what on an enterprise network. Current management systems that rely on inference for user identity and application are not capable of accurately reporting and managing a large-scale network due to the coarseness of the collected data or scaling of the collection mechanism. We propose a system that focuses data collection in the form of local context, i.e. the precise user and application associated with a network connection. Through the use of dynamic correlation and novel graph modeling, we developed a visualization tool called ENAVis (the work appeared in earlier form in [1] and received USENIX best paper award). (Enterprise Network Activities Visualization). ENAVis aids a real-world administrator in allowing them to more efficiently manage and gain insight about the connectivity between hosts, users, applications and data access offering significant streamlining of the management process.