Crucial nodes centric visual monitoring and analysis of computer networks

Hanchen Song, Chris W. Muelder, Kwan-Liu Ma

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.

Original language: English (US)
Title of host publication: Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Pages: 16-23
Number of pages: 8
DOIs: https://doi.org/10.1109/CyberSecurity.2012.9
State: Published - Aug 8 2013
Event: 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 - Washington, D.C., United States
Duration: Dec 14 2012 → Dec 16 2012

Other

Other: 2012 ASE International Conference on Cyber Security, CyberSecurity 2012
Country: United States
City: Washington, D.C.
Period: 12/14/12 → 12/16/12

Fingerprint

Computer networks
Monitoring
Visualization
Intranets
Electric fuses

Keywords

  • crucial node
  • Network events monitoring
  • network visualization
  • security visualization

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Song, H., Muelder, C. W., & Ma, K-L. (2013). Crucial nodes centric visual monitoring and analysis of computer networks. In Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012 (pp. 16-23). [6542521] https://doi.org/10.1109/CyberSecurity.2012.9

@inproceedings{0f5f64df5621469483686854cb590a01,
title = "Crucial nodes centric visual monitoring and analysis of computer networks",
abstract = "Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.",
keywords = "crucial node, Network events monitoring, network visualization, security visualization",
author = "Hanchen Song and Muelder, {Chris W.} and Kwan-Liu Ma",
year = "2013",
month = "8",
day = "8",
doi = "10.1109/CyberSecurity.2012.9",
language = "English (US)",
isbn = "9780769550145",
pages = "16--23",
booktitle = "Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012",

}

TY - GEN

T1 - Crucial nodes centric visual monitoring and analysis of computer networks

AU - Song, Hanchen

AU - Muelder, Chris W.

AU - Ma, Kwan-Liu

PY - 2013/8/8

Y1 - 2013/8/8

AB - Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.

KW - crucial node

KW - Network events monitoring

KW - network visualization

KW - security visualization

UR - http://www.scopus.com/inward/record.url?scp=84881081209&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84881081209&partnerID=8YFLogxK

U2 - 10.1109/CyberSecurity.2012.9

DO - 10.1109/CyberSecurity.2012.9

M3 - Conference contribution

AN - SCOPUS:84881081209

SN - 9780769550145

SP - 16

EP - 23

BT - Proceedings of the 2012 ASE International Conference on Cyber Security, CyberSecurity 2012

ER -