Title :
Security visualization tools and IPv6 addresses
Author :
Barrera, David ; Van Oorschot, P.C.
Author_Institution :
Sch. of Comput. Sci., Carleton Univ., Carleton, ON, Canada
Abstract :
Visualization is used by security analysts to help detect patterns and trends in large volumes of network traffic data. With IPv6 slowly being deployed around the world, network intruders are beginning to adapt their tools and techniques to work over IPv6 (vs. IPv4). Many tools for visualizing network activity, while useful for detecting large scale attacks and network behavior anomalies still only support IPv4. In this paper, we explore the current state of IPv6 support in some popular security visualization tools and identify the roadblocks preventing those tools from supporting the new protocol. We propose a filtering technique that helps reduce the occlusion of IPv6 sources on graphs. We also suggest using treemaps for visually representing the vast space of remote addresses in IPv6.
Keywords :
IP networks; security of data; telecommunication traffic; IPv6 addresses; filtering technique; network behavior anomalies detection; network traffic data; security visualization tools; Computational modeling; Computer science; Computer security; Data security; Data visualization; IP networks; Internet; Pattern analysis; Protocols; Telecommunication traffic; I.6.8 [Simulation and Modeling]: Types of Simulation-Visual; K.6.5 [Management of Computing and Information Systems]: Security and Protection (D.4.6, K.4.2)-Unauthorized access (e.g., hacking, hreaking);
Conference_Titel :
Visualization for Cyber Security, 2009. VizSec 2009. 6th International Workshop on
Conference_Location :
Atlantic City, NJ
Print_ISBN :
978-1-4244-5413-6
DOI :
10.1109/VIZSEC.2009.5375538
