Title :
Focusing on context in network traffic analysis
Author :
Goodall, John R. ; Lutters, Wayne G. ; Rheingans, Penny ; Komlodi, Anita
Author_Institution :
Maryland Univ., Baltimore County, MD, USA
Abstract :
The time-based network traffic visualizer combines low-level, textual detail with multiple visualizations of the larger context to help users construct a security event´s big picture. TNV is a visualization tool grounded in an under standing of the work practices of security analysts. We designed it to support ID analysis by giving analysts a visual display that facilitates pattern and anomaly recognition, particularly overtime. It also offers more focused views on packet-level detail in the context of the surrounding network traffic.
Keywords :
data visualisation; security of data; telecommunication security; telecommunication traffic; anomaly recognition; network traffic analysis; pattern recognition; security analysts; time-based network traffic visualizer; visualization tool; Animation; Computer security; Computerized monitoring; Data security; Data visualization; Information analysis; Information security; Intelligent networks; Intrusion detection; Telecommunication traffic; information visualization; network analysis; user-centered design; visualization for computer security; Computer Communication Networks; Computer Graphics; Information Storage and Retrieval; Signal Processing, Computer-Assisted; Software; User-Computer Interface;
Journal_Title :
Computer Graphics and Applications, IEEE
DOI :
10.1109/MCG.2006.31
