Abstract
Monitoring of computer network events is essential in uncertain and time-varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and supporting interactive analysis for deeper reasoning. Generally, computers in intranets are categorized as crucial or non-crucial nodes depending on their roles. We address the issue of network event monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial node monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.
Original language | English (US) |
---|---|
Title of host publication | Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 |
Pages | 16-23 |
Number of pages | 8 |
State | Published - Aug 8 2013 |
Event | 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 - Washington, D.C., United States; Duration: Dec 14 2012 → Dec 16 2012 |
Other
Other | 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 |
---|---|
Country | United States |
City | Washington, D.C. |
Period | 12/14/12 → 12/16/12 |
Keywords
- crucial node
- Network events monitoring
- network visualization
- security visualization
ASJC Scopus subject areas
- Computer Networks and Communications
- Safety, Risk, Reliability and Quality