Intelligent network management using graph differential anomaly visualization

Managing large-scale networks involving users and applications is challenging due to the complexity and dynamic nature of the heterogeneous graphs. How to quickly identify the meaningful changes and hidden anomalous activities in the spatiotemporally dynamic network graphs is essential in many aspects of network management, such as security, performance and troubleshooting. In this paper, we explore the viability and efficacy of a novel graph differential anomaly visualization (DAV) model in the area of network management. Our approach combines algorithmic graph analysis methods and visualization technologies by taking advantages from both computer and human intelligence. We focus on DAV at various levels, i.e., nodes, links and communities. Specifically, a novel community-based DAV scheme is proposed that can help understand the managed networks with a right balance of granularity and complexity. More importantly, the community-based DAV algorithm is less susceptible to network dynamics and high churn. The developed visual analytic tool can not only detect but more importantly find the root causes of anomalies in a time efficient manner.

[1]  Padhraic Smyth,et al.  Prediction and ranking algorithms for event-based network data , 2005, SKDD.

[2]  Douglas Thain,et al.  Distributed computing in practice: the Condor experience , 2005, Concurr. Pract. Exp..

[3]  Trevor F. Cox,et al.  Multidimensional Scaling, Second Edition , 2000 .

[4]  Mason A. Porter,et al.  Communities in Networks , 2009, ArXiv.

[5]  Lise Getoor,et al.  Link mining: a survey , 2005, SKDD.

[6]  Lawrence B. Holder,et al.  Graph-Based Data Mining , 2000, IEEE Intell. Syst..

[7]  Andreas Paepcke,et al.  Visual Analysis of Network Flow Data with Timelines and Event Plots , 2007, VizSEC.

[8]  Nitesh V. Chawla,et al.  Visualizing graph dynamics and similarity for enterprise network security and management , 2010, VizSec '10.

[9]  Vern Paxson,et al.  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection , 2010, 2010 IEEE Symposium on Security and Privacy.

[10]  T. J. Jankun-Kelly,et al.  Detecting flaws and intruders with visual data analysis , 2004, IEEE Computer Graphics and Applications.

[11]  Nitesh V. Chawla,et al.  New perspectives and methods in link prediction , 2010, KDD.

[12]  Denis Lalanne,et al.  Visual Analysis of Corporate Network Intelligence: Abstracting and Reasoning on Yesterdays for Acting Today , 2007, VizSEC.

[13]  Roberto Tamassia,et al.  Handbook of Graph Drawing and Visualization (Discrete Mathematics and Its Applications) , 2007 .

[14]  William M. Rand,et al.  Objective Criteria for the Evaluation of Clustering Methods , 1971 .

[15]  Roberto Tamassia,et al.  Handbook on Graph Drawing and Visualization , 2013 .

[16]  W. Wallis,et al.  A Graph-Theoretic Approach to Enterprise Network Dynamics , 2006 .

[17]  Evangelos E. Milios,et al.  Link-Based Anomaly Detection in Communication Networks , 2008, 2008 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology.

[18]  Douglas Thain,et al.  ENAVis: Enterprise Network Activities Visualization , 2008, LISA.

[19]  Matthieu Latapy,et al.  Computing Communities in Large Networks Using Random Walks , 2004, J. Graph Algorithms Appl..

[20]  Daniel A. Keim,et al.  Large-Scale Network Monitoring for Visual Analysis of Attacks , 2008, VizSEC.

[21]  David D. Jensen,et al.  The case for anomalous link discovery , 2005, SKDD.

[22]  Horst Bunke,et al.  A Graph-Theoretic Approach to Enterprise Network Dynamics (Progress in Computer Science and Applied Logic (PCS)) , 2006 .

[23]  Patrick Hertzog Visualizations to improve reactivity towards security incidents inside corporate networks , 2006, VizSEC '06.

[24]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[25]  Wayne G. Lutters,et al.  Focusing on context in network traffic analysis , 2006, IEEE Computer Graphics and Applications.

[26]  Pavel Minarík,et al.  NetFlow Data Visualization Based on Graphs , 2008, VizSEC.

[27]  Raffael Marty,et al.  Applied Security Visualization , 2008 .