NetViewer: a network traffic visualization and analysis tool

Authors:
Seong Soo Kim;A. L. Narasimha Reddy
Affiliations:
Texas A&M University;Texas A&M University
Venue:
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Year:
2005

Citing 8
Cited 1

Automatic partitioning of full-motion video

Multimedia Systems
Testing the Gaussian approximation of aggregate traffic

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
A fast algorithm for video parsing using MPEG compressed sequences

ICIP '95 Proceedings of the 1995 International Conference on Image Processing (Vol.2)-Volume 2 - Volume 2
On the detection and recognition of television commercials

ICMCS '97 Proceedings of the 1997 International Conference on Multimedia Computing and Systems
Automatically inferring patterns of resource consumption in network traffic

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
FlowScan: A Network Traffic Flow Reporting and Visualization Tool

LISA '00 Proceedings of the 14th USENIX conference on System administration
Statistical sequential analysis for real-time video scene change detection on compressed multimedia bitstream

IEEE Transactions on Multimedia

Network stack diagnosis and visualization tool

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

The frequent and large-scale network attacks have led to an increased need for developing techniques for analyzing network traffic. If efficient analysis tools were available, it could become possible to detect the attacks, anomalies and to appropriately take action to contain the attacks before they have had time to propagate across the network. This paper describes NetViewer, a network monitoring tool that can simultaneously detect, identify and visualize attacks and anomalous traffic in real-time by passively monitoring packet headers. NetViewer represents the traffic data as images, enabling the application of image/video processing techniques for the analysis of network traffic. NetViewer is released free to the general public. By employing a freely available visualization tool, the users of NetViewer can comprehend the characteristics of the network traffic observed in the aggregate. NetViewer can be employed to detect and identify network anomalies such as DoS/DDoS attacks, worms and flash crowds. NetViewer can also provide information on traffic distributions over IP address/port number domains, utilization of link capacity and effectiveness of Quality of Service policies.