Home-Centric Visualization of Network Traffic for Security
Administration
You can read the actual paper here.
Abstract:
The increased amount of malicious network attacks creates a need
for efficient intrusion detection systems, but such systems often
convey packet capture data results as textual log files and hence
are difficult to analyze by a human user. In this paper we present
VISUAL (Visual Information Security Utility for Administration
Live), a home-centric visualization tool that allows security analysts
or network administrators to visualize network traffic. We use
novel visualization techniques that allow the users to quickly see an
overview of the communication patterns that exist in their network.
VISUAL rapidly shows insight into the network traffic by showing
fan-in and fan-out, and a home-centric (“us versus them“) perspective.
VISUAL has the properties of scalability, relative activity
of nodes, constant relative position of nodes, and visually showing
what ports were used.
Example
The following figure is an example of 4 subnets being displayed by
VISUAL.
Submitted Video
Click on the link below
to view the submitted video that accompanied the paper. It can only be
viewed with QuickTime. You can
download the QuickTime
Player
free from apple here.
Video Submission (13.1 MB)
home
Last changed: May 05, 2004