HintVis: The Hierarchical Visualization of Network Traffic Data

The network traffic data is interpreted differently by people in different sectors. This paper proposes a framework for hierarchically visualizing the network traffic data, and customizes a set of the classic approaches or algorithms to produce visualizations in different levels. Based on the framework, we developed a prototype system Hint Vis to support analyzing network traffic data in different levels by constructing layered semantic network traffic objects and producing hierarchical visualizations. The usability of Hint Vis is demonstrated by visualizing packets going through the gateway in a LAN. Depending on the hierarchical visualizations, analysts are able to semantically navigate in the network traffic data and concentrate on what they need.

[1]  Kouichi Sakurai,et al.  Toward a Scalable Visualization System for Network Traffic Monitoring , 2008, IEICE Trans. Inf. Syst..

[2]  William Yurcik,et al.  Closing-the-loop in NVisionIP: integrating discovery and search in security visualizations , 2005, IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05)..

[3]  Kwan-Liu Ma,et al.  PortVis: a tool for port-based detection of security events , 2004, VizSEC/DMSEC '04.

[4]  Koji Koyamada,et al.  Hierarchical visualization of network intrusion detection data , 2006, IEEE Computer Graphics and Applications.

[5]  Robert F. Erbacher,et al.  Designing visualization capabilities for IDS challenges , 2005, IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05)..

[6]  Chris North,et al.  Home-centric visualization of network traffic for security administration , 2004, VizSEC/DMSEC '04.

[7]  Jarke J. van Wijk,et al.  Squarified Treemaps , 2000, VisSym.

[8]  Jeff Janies Existence Plots: A Low-Resolution Time Series for Port Behavior Analysis , 2008, VizSEC.

[9]  Michael Garland,et al.  On the Visualization of Social and other Scale-Free Networks , 2008, IEEE Transactions on Visualization and Computer Graphics.

[10]  Wayne G. Lutters,et al.  Preserving the big picture: visual network traffic analysis with TNV , 2005, IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05)..

[11]  Ali A. Ghorbani,et al.  A Survey of Visualization Systems for Network Security , 2012, IEEE Transactions on Visualization and Computer Graphics.

[12]  Edward M. Reingold,et al.  Graph drawing by force‐directed placement , 1991, Softw. Pract. Exp..

[13]  Yifan Li,et al.  VisFlowConnect: netflow visualizations of link relationships for security situational awareness , 2004, VizSEC/DMSEC '04.

[14]  Yong-Xian Wang,et al.  A fast successive over-relaxation algorithm for force-directed network graph drawing , 2011, Science China Information Sciences.