Home-centric visualization of network traffic for security administration

Authors:
Robert Ball;Glenn A. Fink;Chris North
Affiliations:
Virginia Polytechnic Institute and State University;Virginia Polytechnic Institute and State University;Virginia Polytechnic Institute and State University
Venue:
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Year:
2004

Citing 14
Cited 27

The Gridfit algorithm: an efficient and effective approach to visualizing large amounts of spatial data

Proceedings of the conference on Visualization '98
Data mountain: using spatial memory for document management

Proceedings of the 11th annual ACM symposium on User interface software and technology
Balancing cooperation and risk in intrusion detection

ACM Transactions on Information and System Security (TISSEC)
The 1999 DARPA off-line intrusion detection evaluation

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Graph Visualization and Navigation in Information Visualization: A Survey

IEEE Transactions on Visualization and Computer Graphics
Designing Pixel-Oriented Visualization Techniques: Theory and Applications

IEEE Transactions on Visualization and Computer Graphics
An Eye on Network Intruder-Administrator Shootouts

Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Network Intrusion Visualization with NIVA, an Intrusion Detection Visual Analyzer with Haptic Integration

HAPTICS '02 Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems
The Eyes Have It: A Task by Data Type Taxonomy for Information Visualizations

VL '96 Proceedings of the 1996 IEEE Symposium on Visual Languages
Change Blindness in Information Visualization: A Case Study

INFOVIS '01 Proceedings of the IEEE Symposium on Information Visualization 2001 (INFOVIS'01)
Automatically inferring patterns of resource consumption in network traffic

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
A Visual Exploration Process for the Analysis of Internet Routing Data

Proceedings of the 14th IEEE Visualization 2003 (VIS'03)
Mapping and visualizing the internet

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Empirical comparison of dynamic query sliders and brushing histograms

INFOVIS'03 Proceedings of the Ninth annual IEEE conference on Information visualization

InetVis, a visual tool for network telescope traffic analysis

AFRIGRAPH '06 Proceedings of the 4th international conference on Computer graphics, virtual reality, visualisation and interaction in Africa
Hierarchical Visualization of Network Intrusion Detection Data

IEEE Computer Graphics and Applications
Visualizing Internet Routing Changes

IEEE Transactions on Visualization and Computer Graphics
Real-time collaborative network monitoring and control using 3D game engines for representation and interaction

Proceedings of the 3rd international workshop on Visualization for computer security
Visualization assisted detection of sybil attacks in wireless networks

Proceedings of the 3rd international workshop on Visualization for computer security
BGP eye: a new visualization tool for real-time detection and analysis of BGP anomalies

Proceedings of the 3rd international workshop on Visualization for computer security
Interactively combining 2D and 3D visualization for network traffic monitoring

Proceedings of the 3rd international workshop on Visualization for computer security
Command line or pretty lines?: comparing textual and visual interfaces for intrusion detection

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Towards network awareness

LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Interactive wormhole detection and evaluation

Information Visualization
More than meets the eye: transforming the user experience of home network management

Proceedings of the 7th ACM conference on Designing interactive systems
Large-Scale Network Monitoring for Visual Analysis of Attacks

VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Visualizing Real-Time Network Resource Usage

VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
A Component-Based Framework for Visualization of Intrusion Detection Events

Information Security Journal: A Global Perspective
Guidelines for designing IT security management tools

Proceedings of the 2nd ACM Symposium on Computer Human Interaction for Management of Information Technology
Graph Drawing for Security Visualization

Graph Drawing
Toward a Scalable Visualization System for Network Traffic Monitoring

IEICE - Transactions on Information and Systems
Visual support for analyzing network traffic and intrusion detection events using TreeMap and graph representations

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Network stack diagnosis and visualization tool

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Classroom projects to support e-Learning in computer networks and security

Proceedings of the First Kuwait Conference on e-Services and e-Systems
Situational assessment of intrusion alerts: a multi attack scenario evaluation

ICICS'11 Proceedings of the 13th international conference on Information and communications security
Envisioning grid vulnerabilities: multi-dimensional visualization for electrical grid planning

Proceedings of the International Working Conference on Advanced Visual Interfaces
Sybil attack detection through global topology pattern visualization

Information Visualization
Efficient multidimensional aggregation for large scale monitoring

lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques
SPTrack: visual analysis of information flows within SELinux policies and attack logs

AMT'12 Proceedings of the 8th international conference on Active Media Technology
Review: A survey of network flow applications

Journal of Network and Computer Applications
A novel approach to visualize web anomaly attacks in pervasive computing environment

The Journal of Supercomputing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Today's system administrators, burdened by rapidly increasing network activity, must quickly perceive the security state of their networks, but they often have only text-based tools to work with. These tools often provide no overview to help users grasp the big-picture. Our interviews with administrators have revealed that they need visualization tools; thus, we present VISUAL (Visual Information Security Utility for Administration Live), a network security visualization tool that allows users to see communication patterns between their home (or internal) networks and external hosts. VISUAL is part of our Network Eye security visualization architecture, also described in this paper. We have designed and tested a new computer security visualization that gives a quick overview of current and recent communication patterns in the monitored network to the users. Many tools can detect and show fan-out and fan-in, but VISUAL shows network events graphically, in context. Visualization helps users comprehend the intensity of network events more intuitively than text-based tools can. VISUAL provides insight for networks with up to 2,500 home hosts and 10,000 external hosts, shows the relative activity of hosts, displays them in a constant relative position, and reveals the ports and protocols used.