NetVis: a Visualization Tool Enabling Multiple Perspectives of Network Traffic Data
No Thumbnail Available
Date
2013
Journal Title
Journal ISSN
Volume Title
Publisher
The Eurographics Association
Abstract
Computer network traffic visualizations deliver improved understanding of pattern-of-life for networks, and such enhanced awareness can facilitate the detection of malicious traffic. Existing tools often opt for graph or plotbased visualizations to detect patterns or outliers in the data, but they still largely provide segmented views. In this paper we present a novel framework designed to support multiple heterogeneous visualizations of network traffic data. NetVis enables different visualizations that work in tandem to provide different perspectives of the same data in real-time. As each visualization is modularly tied together, it enables a user to investigate on-going activity, or any subset of it, at their pace and based on their priorities for further exploration. We currently support six visualizations, three are new and three are based on existing literature (parallel coordinate plots, flowscan and spinning cube of potential doom). Our results show that it is possible to use NetVis to detect unusual activity such as cyber attacks on a network. The framework is written to allow future visualizations to be added straightforwardly.
Description
@inproceedings{:10.2312/LocalChapterEvents.TPCG.TPCG13.009-016,
booktitle = {Theory and Practice of Computer Graphics},
editor = {Silvester Czanner and Wen Tang},
title = {{NetVis: a Visualization Tool Enabling Multiple Perspectives of Network Traffic Data}},
author = {Nicholls, James and Peters, Dominik and Slawinski, Albert and Spoor, Thomas and Vicol, Sergiu and Happa, Jassim and Goldsmith, Michael and Creese, Sadie},
year = {2013},
publisher = {The Eurographics Association},
ISBN = {978-3-905673-98-2},
DOI = {/10.2312/LocalChapterEvents.TPCG.TPCG13.009-016}
}