Title :
Crucial Nodes Centric Visual Monitoring and Analysis of Computer Networks
Author :
Hanchen Song ; Muelder, Chris W. ; Kwan-Liu Ma
Author_Institution :
Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Monitoring of computer network events is essential in uncertain and time-varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized as crucial nodes or not, depending on their roles. We address the issue of network event monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial node monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which inherently fuses firewall data and IDS data for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.
Keywords :
computer network security; data analysis; data visualisation; intranets; IDS data; IEEE VAST challenge 2011 dataset; categorization mechanism; computer networks analysis; crucial nodes centric visual monitoring; exchange mechanism; interactive visualization system; intranets; massive data processing; multiple streaming data; network monitoring; unknown patterns; Network events monitoring; crucial node; network visualization; security visualization;
Conference_Title :
Cyber Security (CyberSecurity), 2012 International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4799-0219-4
DOI :
10.1109/CyberSecurity.2012.9