Corpus ID: 13984448

Network Eye : End-to-End Computer Security Visualization

Authors: Glenn A. Fink, Robert Ball, Chris North, Nipun Jawalkar, Ricardo Correa
Visibility is crucial to managing and securing today’s computers and networks. Visualization tools are a means to provide visibility into the invisible world of network computing. Many good tools exist that give administrators a view into parts of the total picture, but our year-long study of system administrators and their tools shows a strong need for end-to-end visualization of network activity that preserves the context of the information observed. End-to-end visualization will allow an…

Real-time and forensic network data analysis using animated and coordinated visualization
The implementation and lessons learned from the creation of a novel network traffic visualization system capable of both realtime and forensic data analysis are described and results indicate that analysts can rapidly examine network traffic and detect anomalies far more quickly than with manual tools.
Cylindrical Coordinates Security Visualization for multiple domain command and control botnet detection
An in-depth investigation on the issue of botnet detection and a new security visualization tool for visualizing botnet behaviors on DNS traffic is presented, developed with the objective of enabling users to recognize security threats promptly and mitigate the damages by only visualizing DNS traffic in cylindrical coordinates.
3D Panel Visualize: Three Dimensional Panel Approach to Network Traffic Visualization
This paper proposes a visualization application called 3D Panel Visualize for visualizing network traffic which helps network administrators to understand status of the traffic and detect anomalies
Applying Information Visualization to Computer Security Applications
This chapter discusses the Visualization Design Process, which led to the creation of AdviseAid, and some of the techniques used in that process.
3 D E-mail Visualization System
E-Mail is an important method of the people’s communication, and widely used in many areas. Maintaining e-mail system is a hard work, every effort must be made to efficient monitoring e-mail traffic


Home-centric visualization of network traffic for security administration
VISUAL (Visual Information Security Utility for Administration Live), a network security visualization tool that allows users to see communication patterns between their home (or internal) networks and external hosts, and provides insight for networks with up to 2,500 home hosts and 10,000 external hosts.
Intrusion behavior detection through visualization
  • R. Erbacher
  • Computer Science
  • SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483)
  • 2003
This paper proposes a methodology for analyzing network and computer log information visually based on the analysis of user behavior, and discusses how user behavior can be exhibited within the visualization techniques, the capabilities provided by the environment, typical characteristics users should look out for, and exploration paradigms effective for identifying the meaning behind the user's behavior.
An Eye on Network Intruder-Administrator Shootouts
  • Luc Girardin
  • Computer Science, Engineering
  • Workshop on Intrusion Detection and Network Monitoring
  • 1999
A new paradigm for monitoring network activity that enables the discovery of new, sophisticated, and structured attacks is proposed and can be used to analyze past and present activities, as well as to show trends in the events.
Visual Data Analysis for Detecting Flaws and Intruders in Computer Network Systems
Author(s): Teoh, Soon Tee; Jankun-Kelly, T. J.; Ma, Kwan-Liu; Wu, Felix S. | Abstract: To ensure the normal operation of a large computer network system, the common practice is to constantly collect
Automatically inferring patterns of resource consumption in network traffic
A new method of traffic characterization that automatically groups traffic into minimal clusters of conspicuous consumption that can be used to automatically classify new traffic patterns, such as network worms or peer-to-peer applications, without knowing the structure of such traffic a priori.
A taxonomy for information security technologies
A taxonomy for information security technologies is discussed, which provides information on current state-of-the-art technologies used to secure information at application, host and network level.
Designing Pixel-Oriented Visualization Techniques: Theory and Applications
  • D. Keim
  • Computer Science
  • IEEE Trans. Vis. Comput. Graph.
  • 2000
The major goal of this article is to provide a formal basis of pixel-oriented visualization techniques and show that the design decisions in developing them can be seen as solutions of well-defined optimization problems.
MRTG: The Multi Router Traffic Grapher
The history and operation of the current version of MRTG as well as the Round Robin Database Tool, a key component of the next major release of the Multi Router Traffic Grapher (MRTG), are described.
Code red worm propagation modeling and analysis
This paper provides a careful analysis of Code Red propagation by accounting for two factors: one is the dynamic countermeasures taken by ISPs and users; the other is the slowed down worm infection rate because Code Red rampant propagation caused congestion and troubles to some routers.
The Spinning Cube of Potential Doom
Practically every computer linked to the Internet is constantly being scanned for security vulnerabilities and targeted for attack by viruses, worms, and worse.