Monitoring Network Traffic with Radial Traffic Analyzer

The extensive spread of malicious code on the Internet and within intranets has raised the user's concern about what kind of data is transferred between her or his computer and other hosts on the network. Visual analysis of this kind of information is a challenging task, due to the complexity and volume of the data type considered, and requires special design of appropriate visualization techniques. In this paper, we present a scalable visualization toolkit for analyzing network activity of computer hosts on a network. The visualization combines network packet volume and type distribution information with geographic information, enabling the analyst to use geographic distortion techniques such as the HistoMap technique to become aware of the traffic components in the course of the analysis. The presented analysis tool is especially useful to compare important network load characteristics in a geographically aware display, to relate communication partners, and to identify the type of network traffic occurring. The results of the analysis are helpful in understanding typical network communication activities, and in anticipating potential performance bottlenecks or problems. It is suited both for off-line analysis of historic data and, via animation, for on-line monitoring of packet-based network traffic in real time.
