论文信息 - InetVis, a visual tool for network telescope traffic analysis

InetVis, a visual tool for network telescope traffic analysis

This article illustrates the merits of visual analysis as it presents preliminary findings using InetVis - an animated 3-D scatter plot visualization of network events. The concepts and features of InetVis are evaluated with reference to related work in the field. Tested against a network scanning tool, anticipated visual signs of port scanning and network mapping serve as a proof of concept. This research also unveils substantial amounts of suspicious activity present in Internet traffic during August 2005, as captured by a class C network telescope. InetVis is found to have promising scalability whilst offering salient depictions of intrusive network activity.

Barry Irwin | Jean-Pierre van Riel | B. Irwin | J. V. Riel

[1] Thomas P. Caudell,et al. Immersive Network Monitoring , 2003 .

[2] Stephen Lau,et al. The Spinning Cube of Potential Doom , 2004, CACM.

[3] Yifan Li,et al. VisFlowConnect: netflow visualizations of link relationships for security situational awareness , 2004, VizSEC/DMSEC '04.

[4] T. J. Jankun-Kelly,et al. Detecting flaws and intruders with visual data analysis , 2004, IEEE Computer Graphics and Applications.

[5] Chris North,et al. Home-centric visualization of network traffic for security administration , 2004, VizSEC/DMSEC '04.

[6] Stefan Axelsson,et al. Combining a bayesian classifier with visualisation: understanding the IDS , 2004, VizSEC/DMSEC '04.