Abstract
Monitoring host behavior in a network is one of the most essential tasks in the fields of network monitoring and security since more and more malicious code in the wild internet constantly threatens the network infrastructure. In this paper, we present a visual analytics tool that visualizes network host behavior through positional changes in a two-dimensional space using a force-directed graph layout algorithm.
The tool’s interaction capabilities allow for visual exploration of network traffic over time and are demonstrated using netflow data as well as IDS alerts. Automatic accentuation of hosts with highly variable traffic results in fast hypothesis generation and confirmation of suspicious host behavior. By triggering the behavior graph from the HNMap tool, we were able to monitor more abstract network entities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Mansman, F., Meier, L., Keim, D.A. (2008). Visualization of Host Behavior for Network Security. In: Goodall, J.R., Conti, G., Ma, KL. (eds) VizSEC 2007. Mathematics and Visualization. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78243-8_13
Download citation
DOI: https://doi.org/10.1007/978-3-540-78243-8_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78242-1
Online ISBN: 978-3-540-78243-8
eBook Packages: Computer ScienceComputer Science (R0)