A Survey of Network Traffic Visualization in Detecting Network Security Threats

  • Conference paper
Trustworthy Computing and Services (ISCTCS 2014)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 520)

Abstract

Analyzing network traffic to detect network security threats has drawn the attention of security researchers for decades. However, new characteristics of network traffic, such as explosive growth, more diverse attack types and higher dimensionality, have brought new challenges. Because of these challenges, traditional detection technologies such as log analysis cannot directly identify threats from traffic in time. Visualization can directly and quickly display multi-dimensional information about large volumes of network traffic, making it a powerful tool for meeting these challenges. In this paper, we classify network traffic into four layers. For each layer, we systematically survey several well-known network traffic visualization systems. We then analyze the advantages and disadvantages of each system and compare them. We also discuss future work in network traffic visualization.

Acknowledgments

This work was supported by The National Science and Technology Support Program (Grant No. 2012BAH46B02); the National Natural Science Foundation (Grant No. 61402464, 61402474).

Corresponding author

Correspondence to Yong Sun.

Copyright information

© 2015 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liu, X., Sun, Y., Fang, L., Liu, J., Yu, L. (2015). A Survey of Network Traffic Visualization in Detecting Network Security Threats. In: Yueming, L., Xu, W., Xi, Z. (eds) Trustworthy Computing and Services. ISCTCS 2014. Communications in Computer and Information Science, vol 520. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47401-3_12

  • DOI: https://doi.org/10.1007/978-3-662-47401-3_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-47400-6

  • Online ISBN: 978-3-662-47401-3

  • eBook Packages: Computer Science, Computer Science (R0)
