VisFlowConnect-IP: A Link-Based Visualization of NetFlows for Security Monitoring
نویسنده
چکیده
Network traffic dynamics have become an important behavior-based approach to assist security administrators in protecting networks. In this paper we present VisFlowConnect-IP, a link-based network flow visualization tool that allows operators to detect and investigate anomalous internal and external network traffic. We model the network as a graph with hosts being nodes and traffic being flows on edges. We present a detailed description of VisFlowConnect-IP functionality and demonstrate its application to traffic dynamics in order to monitor, discover, and investigate security-relevant events.
منابع مشابه
VisFlowConnect-IP: An Animated Link Analysis Tool For Visualizing Netflows
We present VisFlowConnect-IP, a network flow visualization tool that allows operators to detect and investigate anomalous internal and external network traffic. We model the network on a parallel axes graph with hosts as nodes and traffic flows as lines connecting these nodes. We present an overview of this tool’s purpose, as well as a detailed description of its functions.
متن کاملVisualizing NetFlows for Security at Line Speed: The SIFT Tool Suite
The first step in improving Internet security is measurement – security events must be made visible. The irony in making this happen is that there is no lack of security measurement data, in fact, quite the opposite. However, making security manifest faces a major challenge: the large volume and multi-dimensional nature of security data typically obscures valuable security events. NCSA has deve...
متن کاملThe Design of VisFlowConnect-IP: a Link Analysis System for IP Security
Visualization of IP-based traffic dynamics on networks is a challenging task due to large data volume and the complex, temporal relationships between hosts. We present the architecture of VisFlowConnect-IP, a powerful new tool to visualize IP network traffic flow dynamics for security situational awareness. VisFlowConnect-IP allows an operator to visually assess the connectivity of large and co...
متن کاملInternet Security Visualization Case Study: Instrumenting a Network for NetFlow Security Visualization Tools
With the development of the Internet and organizational intranets, it has become an increasingly critical and difficult task to monitor large and complex networks indispensable to security risk management and network performance analysis. Monitoring for security situational awareness with visualization has been shown to be an effective and efficient approach. However, the quality of source data...
متن کاملSecurity Analysis of Lightweight Authentication Scheme with Key Agreement using Wireless Sensor Network for Agricultural Monitoring System
Wireless sensor networks have many applications in the real world and have been developed in various environments. But the limitations of these networks, including the limitations on the energy and processing power of the sensors, have posed many challenges to researchers. One of the major challenges is the security of these networks, and in particular the issue of authentication in the wireles...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006