Advertisement

VizSEC 2007 pp 187-202 | Cite as

Visualization of Host Behavior for Network Security

  • F. Mansman
  • L. Meier
  • D. A. Keim
Part of the Mathematics and Visualization book series (MATHVISUAL)

Abstract

Monitoring host behavior in a network is one of the most essential tasks in the fields of network monitoring and security since more and more malicious code in the wild internet constantly threatens the network infrastructure. In this paper, we present a visual analytics tool that visualizes network host behavior through positional changes in a two-dimensional space using a force-directed graph layout algorithm.

The tool’s interaction capabilities allow for visual exploration of network traffic over time and are demonstrated using netflow data as well as IDS alerts. Automatic accentuation of hosts with highly variable traffic results in fast hypothesis generation and confirmation of suspicious host behavior. By triggering the behavior graph from the HNMap tool, we were able to monitor more abstract network entities.

Keywords

Network Security Computer Security Dimension Node Network Entity Graph Layout 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • F. Mansman
    • 1
  • L. Meier
    • 1
  • D. A. Keim
    • 1
  1. 1.University of KonstanzGermany

Personalised recommendations