Multiple View Cooperative Visual Analytics of Network Operation Log

doi:10.3969/j.issn.1671-1122.2016.10.002

Netinfo Security ›› 2016, Vol. 16 ›› Issue (10): 8-14.doi: 10.3969/j.issn.1671-1122.2016.10.002

• Orginal Article • Previous Articles Next Articles

Multiple View Cooperative Visual Analytics of Network Operation Log

Jinsong WANG^1,^2,³(), Jingyun HUANG^1,^2,³, Hongwei ZHANG^1,^2,³, Huirong NAN^1,^2,³

1. School of Computer and Communication Engineering, Tianjin University of Technology, Tianjin 300384, China
2. Tianjin Key Laboratory of Intelligence Computing and Novel Software Technology, Tianjin 300384, China
3. National Engineering Laboratory for Computer Virus Prevention and Control Technology, Tianjin300457, China

Received:2016-08-10 Online:2016-10-31 Published:2020-05-13

Abstract

Abstract:

Network operation log is the main source of information for network managers to master the state of the network. After dealing with the network operation data and according to the feature analysis, this paper presents a collaborative visual analyze system for network operation log, it provides multiple views with direct and rich interactions to modeling the data from different aspects. Force graph, stack graph and heat map are introduced to the visualization of network security. By collaborative visual analytics can help network administrators understand the structure of the whole network and the operating characteristics of the network. The system includes two modules. One is to analyze the network structure by three dimensions, port, connection and flow, and then distinguish the hosts between servers and clients. The other is to analyze the anomalies of the whole network by the overall flow situation, and then to find communication modes by time dimension.

Key words: network visualization, visualization analytics, network communication mode, collaborative analytics

CLC Number:

TP309

Jinsong WANG, Jingyun HUANG, Hongwei ZHANG, Huirong NAN. Multiple View Cooperative Visual Analytics of Network Operation Log[J]. Netinfo Security, 2016, 16(10): 8-14.

Figures/Tables 9

References 17

[1]	孟浩,王劲松,黄静耘,等. 基于TcpFlow的网络可视分析系统研究与实现[J]. 信息网络安全,2016(2):40-46.
[2]	赵颖,樊晓平,周芳芳,等. 网络安全数据可视化综述[J]. 计算机辅助设计与图形学学报,2014,26(5):687-697.
[3]	PLONKA D.FlowScan: A Network Traffic Flow Reporting and Visualization Tool[C]// USENIX. 14th USENIX Conference on System Administration, December 3-8, 2000, New Orleans, Louisiana, USA. New York: ACM, 2000: 305-317.
[4]	KOIKE H, OHNO K, KOIZUMI K.Visualizing Cyber-attacks Using IP Matrix[C]//IEEE. IEEE Workshop on Visualization for Computer Security (VizSEC 2005), October 26, 2005, Minneapolis, MN, USA. New Jersey, IEEE, 2005: 91-98.
[5]	CHEN Siming, GUO Cong, YUAN Xiaoru, et al.OCEANS: Online Collaborative Explorative Analysis on Network Security[C]//ACM. 11th Workshop on Visualization for Cyber Security, November 10, 2014, Paris, France. New York: ACM, 2014: 1-8.
[6]	FISHER F, FUCHS J, MANSMANN F, et al.BANKSAFE: Visual Analytics for Big Data in Large-scale Computer Networks[J]. Information Visualization, 2015, 14(1): 51-61.
[7]	COLLINS M.Network Security through Data Analysis: Building Situational Awareness[M]. Sebastopol: O'Reilly Media, 2014.
[8]	韩伟红,贾焰,郑毅. 海量网络服务实时自动分类系统的研究与实现[J]. 信息网络安全,2015(9):236-239.
[9]	LANZING J. Concept-map Homepage[EB/OL]. .
[10]	DWYER T, KOREN Y. Dig-CoLa: Directed Graph Layout through Constrained Energy Minimization[EB/OL]. .
[11]	ABDULLAH K, LEE C, CONTI G, et al.Visualizing Network Data for Intrusion Detection[C]//IEEE. 6th Annual IEEE SMC Information Assurance Workshop (IAW’ 05), June 15-17, 2005, New York, USA. New Jersey: IEEE, 2005: 100-108.
[12]	赵颖,王权,黄叶子,等. 多视图合作的网络流量时序数据可视分析[J]. 软件学报,2016,27(5):1188-1198.
[13]	BREITKREUTZ B J, STARK C, TYERS M.Osprey: a Network Visualization System[J]. Genome Biology, 2003, 4(3): 1-4.
[14]	BATTISTA G D, EADES P, TAMASSIA R, et al.Graph Drawing: Algorithms for the Visualization of Graphs[M]. Upper Saddle River: Prentice Hall, 1998.
[15]	国防科技大学高性能计算国家重点实验室. China Vis Homepage[EB/OL]. .
[16]	刘鹏,陈厚武,房潇,等. 网络安全态势监控机制与模型研究[J]. 信息网络安全,2015(9):66-69.
[17]	FORTIER S, SHOMBERT L A. Network Profiling and Data Visualization[EB/OL]. https://www.researchgate.net/publication/301356925_Network_Profiling_and_Data_Visualization, 2016-5-15.

Multiple View Cooperative Visual Analytics of Network Operation Log

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 9

References 17

Related Articles 1

Recommended Articles

Metrics

Comments