Download NetGrok A Visualization Tool for Network Administrators

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
Document related concepts

Wake-on-LAN wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Computer security wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Computer network wikipedia , lookup

IEEE 1355 wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Network tap wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Airborne Networking wikipedia , lookup

Transcript 
Visualizing Real-Time Network
Resource Usage
Ryan Blue, Cody Dunne, Adam Fuchs,
Kyle King, and Aaron Schulman
University of Maryland,
Dept. of Computer Science
Contact: [email protected]
Workshop on Visualization for Computer Security
September 15, 2008 Boston, MA
Introduction
• Computer network data is rich, and full of interesting patterns
– Adversarial behavior
– Configuration problems
– Unfair resource usage
• Network administrators don’t typically use visualization tools
– Too much data to see visually
– Cluttered
– Hard to follow
– Primary tools are text based
• NetGrok brings new visualizations to network administrators
Goals
•
•
•
•
Real-time
Visual stability
Identify local systems
Monitor behavior
– Attacks
– Topology changes
– Unusual network usage
NetGrok
http://www.youtube.com/watch?v=uCXPaNvl5Ok
Contributions
• Hashed layout for consistent node placement
• Grouped, home-centric network layout
• Treemap showing connections between nodes
without occlusion
• Mouse-over and preferential display of edges
reduces visual complexity
• Application of filter and selection widgets to
network visualization
• Visualization framework for real-time IP data
flows
Implementation Details
• Built in Java
• Visualizations and data store built primarily
using the Prefuse toolkit,
– Custom data structures and visualizations
• Packet capturing and PCAP file reading use the
JPCAP library
• GUI constructed with Jigloo Eclipse plugin
Professional Feedback
• Expert user: Brad Plecs, Network Administrator for the CS Dept. at
UMD
• Use case meetings (2 x 1 hr + emails)
• PCAP and live capture analysis (1 hr)
• Likert scale questionnaire
• Positive:
– Filter sliders, esp. time histogram
– Intuitive layout and grouping
– "NetGrok is excellent as a real-time diagnostic"
• Criticisms:
–
–
–
–
Needs to be aware of transport layer data (TCP/UDP)
Dynamic grouping
Animations are confusing, distracting, and slow
Treemaps interesting but not intuitive
Future Work
• Add support for aging off old data
• Add more visualizations
– Semantic substrates for foreign host layout
– Coarser views for larger data sets
• Personal security tool
Acknowledgments
• Professor Ben Shneiderman our advisor
• Brad Plecs for offering expert advice and
participation in our preliminary case study
• Thomas Lotze, Joonghoon Lee, Michael
VanDaniker, Fatemeh Mir Rashed, Abigail
Daken, Michael Lam, Huimin Guo, and Krist
Wongsuphasawat our class paper reviewers
Contact Info
• Website: www.cs.umd.edu/projects/netgrok/
• Email:
[email protected]
Related documents
VISUAL INSIGHTS A Practical Guide to Making Sense of Data
VISUAL INSIGHTS A Practical Guide to Making Sense of Data
Problem Set 7
Problem Set 7
Medical Data Review and Exploratory Data Analysis using Data Visualisation
Medical Data Review and Exploratory Data Analysis using Data Visualisation
Using Canvas and PechaKucha to Facilitate Undergraduate Peer Teaching Alexander J. Carroll
Using Canvas and PechaKucha to Facilitate Undergraduate Peer Teaching Alexander J. Carroll
Discussion Two topics 1. What are the two most important topics
Discussion Two topics 1. What are the two most important topics
Slide 1
Slide 1
ampliation - Computer Science
ampliation - Computer Science
UMD General Information - UMD Division of Research
UMD General Information - UMD Division of Research
UMMSD Policy on Student Records
UMMSD Policy on Student Records
Dr. Stephan Fuller Presentation December 2013 - DBIA Mid
Dr. Stephan Fuller Presentation December 2013 - DBIA Mid
lynch_pres1
lynch_pres1
seminar on operating systems - Universidad Técnica Federico Santa
seminar on operating systems - Universidad Técnica Federico Santa
Poster
Poster
Data Visualization INFO-GB 3306.10 (9/17 - 12/10)
Data Visualization INFO-GB 3306.10 (9/17 - 12/10)
cultural analytics - Media Arts and Technology
cultural analytics - Media Arts and Technology
Slides
Slides
Untitled - Cyymachine
Untitled - Cyymachine
An Internet Protocol (IP) Address
An Internet Protocol (IP) Address
Concurrent Visualization of Relationships between Words and
Concurrent Visualization of Relationships between Words and
Visualizing the Execution of Java Programs
Visualizing the Execution of Java Programs
View PDF - Computer Science: Indiana University
View PDF - Computer Science: Indiana University
Document
Document