Visual Analysis of Network Traffic for Resource Planning, Interactive Monitoring, and Interpretation of Security Threats
Issue No. 06 - November/December (2007 vol. 13)
The Internet has become a wild place: malicious code is spread on personal computers across the world, deploying botnets ready to attack the network infrastructure. The vast number of security incidents and other anomalies overwhelms attempts at manual analysis, especially when monitoring service provider backbone links. We present an approach to interactive visualization with a case study indicating that interactive visualization can be applied to gain more insight into these large data sets. We superimpose a hierarchy on IP address space, and study the suitability of Treemap variants for each hierarchy level. Because viewing the whole IP hierarchy at once is not practical for most tasks, we evaluate layout stability when eliding large parts of the hierarchy, while maintaining the visibility and ordering of the data of interest.
Information visualization, network security, network monitoring, treemap
Brian Rexroad, Stephen C. North, Florian Mansmann, Daniel Sheleheda, Daniel A. Keim, "Visual Analysis of Network Traffic for Resource Planning, Interactive Monitoring, and Interpretation of Security Threats", IEEE Transactions on Visualization & Computer Graphics, vol. 13, no. , pp. 1105-1112, November/December 2007, doi:10.1109/TVCG.2007.70612