Crucial nodes centric visual monitoring and analysis of computer networks

Hanchen Song; Chris W. Muelder; Kwan-Liu Ma

doi:10.1109/CyberSecurity.2012.9

Crucial nodes centric visual monitoring and analysis of computer networks

Hanchen Song, Chris W. Muelder, Kwan-Liu Ma

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.

Original language	English (US)
Title of host publication	Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Pages	16-23
Number of pages	8
DOIs	https://doi.org/10.1109/CyberSecurity.2012.9
State	Published - Aug 8 2013
Event	2012 ASE International Conference on Cyber Security, CyberSecurity 2012 - Washington, D.C., United States Duration: Dec 14 2012 → Dec 16 2012

Other

Other	2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Country	United States
City	Washington, D.C.
Period	12/14/12 → 12/16/12

Fingerprint

Computer networks

Monitoring

Visualization

Intranets

Electric fuses

Keywords

crucial node
Network events monitoring
network visualization
security visualization

ASJC Scopus subject areas

Computer Networks and Communications
Safety, Risk, Reliability and Quality

Cite this

Song, H., Muelder, C. W., & Ma, K-L. (2013). Crucial nodes centric visual monitoring and analysis of computer networks. In Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 (pp. 16-23). [6542521] https://doi.org/10.1109/CyberSecurity.2012.9

Crucial nodes centric visual monitoring and analysis of computer networks. / Song, Hanchen; Muelder, Chris W.; Ma, Kwan-Liu.

Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012. 2013. p. 16-23 6542521.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Song, H, Muelder, CW & Ma, K-L 2013, Crucial nodes centric visual monitoring and analysis of computer networks. in Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012., 6542521, pp. 16-23, 2012 ASE International Conference on Cyber Security, CyberSecurity 2012, Washington, D.C., United States, 12/14/12. https://doi.org/10.1109/CyberSecurity.2012.9

Song H, Muelder CW, Ma K-L. Crucial nodes centric visual monitoring and analysis of computer networks. In Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012. 2013. p. 16-23. 6542521 https://doi.org/10.1109/CyberSecurity.2012.9

Song, Hanchen ; Muelder, Chris W. ; Ma, Kwan-Liu. / Crucial nodes centric visual monitoring and analysis of computer networks. Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012. 2013. pp. 16-23

@inproceedings{0f5f64df5621469483686854cb590a01,

title = "Crucial nodes centric visual monitoring and analysis of computer networks",

abstract = "Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.",

keywords = "crucial node, Network events monitoring, network visualization, security visualization",

author = "Hanchen Song and Muelder, {Chris W.} and Kwan-Liu Ma",

year = "2013",

month = "8",

day = "8",

doi = "10.1109/CyberSecurity.2012.9",

language = "English (US)",

isbn = "9780769550145",

pages = "16--23",

booktitle = "Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012",

}

TY - GEN

T1 - Crucial nodes centric visual monitoring and analysis of computer networks

AU - Song, Hanchen

AU - Muelder, Chris W.

AU - Ma, Kwan-Liu

PY - 2013/8/8

Y1 - 2013/8/8

N2 - Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.

AB - Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.

KW - crucial node

KW - Network events monitoring

KW - network visualization

KW - security visualization

UR - http://www.scopus.com/inward/record.url?scp=84881081209&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84881081209&partnerID=8YFLogxK

U2 - 10.1109/CyberSecurity.2012.9

DO - 10.1109/CyberSecurity.2012.9

M3 - Conference contribution

AN - SCOPUS:84881081209

SN - 9780769550145

SP - 16

EP - 23

BT - Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012

ER -

Access to Document

10.1109/CyberSecurity.2012.9