Graph Drawing for Security Visualization

  • Roberto Tamassia
  • Bernardo Palazzi
  • Charalampos Papamanthou
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5417)


With the number of devices connected to the internet growing rapidly and software systems being increasingly deployed on the web, security and privacy have become crucial properties for networks and applications. Due the complexity and subtlety of cryptographic methods and protocols, software architects and developers often fail to incorporate security principles in their designs and implementations. Also, most users have minimal understanding of security threats. While several tools for developers, system administrators and security analysts are available, these tools typically provide information in the form of textual logs or tables, which are cumbersome to analyze. Thus, in recent years, the field of security visualization has emerged to provide novel ways to display security-related information so that it is easier to understand. In this work, we give a preliminary survey of approaches to the visualization of computer security concepts that use graph drawing techniques.


Intrusion Detection Border Gateway Protocol Graph Drawing Trust Negotiation Attack Graph 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ball, R., Fink, G.A., North, C.: Home-centric visualization of network traffic for security administration. In: Proc. Workshop on Visualization and Data Mining for Computer Security (VIZSEC/DMSEC), pp. 55–64 (2004)Google Scholar
  2. 2.
    Barghouti, N.S., Mocenigo, J., Lee, W.: Grappa: A GRAPh PAckage in Java. In: DiBattista, G. (ed.) GD 1997. LNCS, vol. 1353, pp. 336–343. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  3. 3.
    Chalmers, M.: A linear iteration time layout algorithm for visualising high-dimensional data. In: Proc. Conference on Visualization (VIS), pp. 127–132 (1996)Google Scholar
  4. 4.
    Conti, G.: Security Data Visualization. No Starch Press, San Francisco (2007), Google Scholar
  5. 5.
    Di Battista, G., Mariani, F., Patrignani, M., Pizzonia, M.: Bgplay: A system for visualizing the interdomain routing evolution. In: Liotta, G. (ed.) GD 2003. LNCS, vol. 1353, pp. 295–306. Springer, Heidelberg (2003)Google Scholar
  6. 6.
    Eades, P.: A heuristic for graph drawing. Congr. Numer. 42, 149–160 (1984)MathSciNetGoogle Scholar
  7. 7.
    Ellson, J., Gansner, E.R., Koutsofios, L., North, S.C., Woodhull, G.: Graphviz and dynagraph - static and dynamic graph drawing tools. In: Graph Drawing Software, pp. 127–148. Springer, Heidelberg (2003)Google Scholar
  8. 8.
    Fruchterman, T., Reingold, E.: Graph drawing by force-directed placement. Softw. – Pract. Exp. 21(11), 1129–1164 (1991)CrossRefGoogle Scholar
  9. 9.
    Girardin, L., Brodbeck, D.: A visual approach for monitoring logs. In: Proc. of USENIX Conference on System Administration (LISA), pp. 299–308 (1998)Google Scholar
  10. 10.
    Heitzmann, A., Palazzi, B., Papamanthou, C., Tamassia, R.: Effective visualization of file system access-control. In: Goodall, J.R., Conti, G., Ma, K.-L. (eds.) VizSec 2008. LNCS, vol. 5210, pp. 18–25. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Johnson, B., Shneiderman, B.: Tree maps: A space-filling approach to the visualization of hierarchical information structures. In: Proc. Conference on Visualization (VIS), pp. 284–291 (1991)Google Scholar
  12. 12.
    Mansmann, F., Meier, L., Keim, D.: Graph-based monitoring of host behavior for network security. In: Proc. Visualization for Cyper Security (VIZSEC), pp. 187–202 (2007)Google Scholar
  13. 13.
    Montemayor, J., Freeman, A., Gersh, J., Llanso, T., Patrone, D.: Information visualization for rule-based resource access control. In: Proc. of Int. Symposium on Usable Privacy and Security (SOUPS) (2006)Google Scholar
  14. 14.
    Muelder, C., Ma, K.L., Bartoletti, T.: A visualization methodology for characterization of network scans. In: Proc. Visualization for Cyber Security (VIZSEC) (2005)Google Scholar
  15. 15.
    Noack, A.: An energy model for visual graph clustering. In: Liotta, G. (ed.) GD 2003. LNCS, vol. 1353, pp. 425–436. Springer, Heidelberg (2003)Google Scholar
  16. 16.
    Noel, S., Jacobs, M., Kalapa, P., Jajodia, S.: Multiple coordinated views for network attack graphs. In: Proc.Visualization for Cyber Security (VIZSEC), pp. 99–106 (2005)Google Scholar
  17. 17.
    Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Proc. Workshop on Visualization and Data Mining for Computer Security (VIZSEC/DMSEC), pp. 109–118 (2004)Google Scholar
  18. 18.
    Oberheide, J., Karir, M., Blazakis, D.: VAST: Visualizing autonomous system topology. In: Proc. Visualization for Cyber Security (VIZSEC), pp. 71–80 (2006)Google Scholar
  19. 19.
    Teoh, S.T., Ranjan, S., Nucci, A., Chuah, C.N.: BGP Eye: a new visualization tool for real-time detection and analysis of BGP anomalies. In: Proc. Visualization for Cyber Security (VIZSEC), pp. 81–90 (2006)Google Scholar
  20. 20.
    Toledo, J.: Etherape: a live graphical network monitor tool,
  21. 21.
    Tölle, J., Niggermann, O.: Supporting intrusion detection by graph clustering and graph drawing. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907. Springer, Heidelberg (2000)Google Scholar
  22. 22.
    Winsborough, W.H., Li, N.: Towards practical automated trust negotiation. In: Proc. Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 92–103 (2002)Google Scholar
  23. 23.
    Yao, D., Shin, M., Tamassia, R., Winsborough, W.H.: Visualization of automated trust negotiation. In: Proc. Visualization for Cyber Security (VIZSEC), pp. 65–74 (2005)Google Scholar
  24. 24.
    Yin, X., Yurcik, W., Treaster, M., Li, Y., Lakkaraju, K.: VisFlowConnect: Netflow visualizations of link relationships for security situational awareness. In: Proc. Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC), pp. 26–34 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Roberto Tamassia
    • 1
  • Bernardo Palazzi
    • 1
    • 2
    • 3
  • Charalampos Papamanthou
    • 1
  1. 1.Department of Computer ScienceBrown UniversityProvidenceUSA
  2. 2.Roma TRE UniversityRomeItaly
  3. 3.ISCOM Italian Ministry of Economic Development-CommunicationsRomeItaly

Personalised recommendations