Alex Ulmer scite author profile

et al. 2016

This paper addresses the problem of detecting the presence of malware that leave periodic traces in network traffic. This characteristic behavior of malware was found to be surprisingly prevalent in a parallel study. To this end, we propose a visual analytics solution that supports both automatic detection and manual inspection of periodic signals hidden in network traffic. The detected periodic signals are visually verified in an overview using a circular graph and two stacked histograms as well as in detail using deep packet inspection. Our approach offers the capability to detect complex periodic patterns, but avoids the unverifiability issue often encountered in related work. The periodicity assumption imposed on malware behavior is a relatively weak assumption, but initial evaluations with a simulated scenario as well as a publicly available network capture demonstrate its applicability

Visual access to an agent-based simulation model to support political decision making

Ruppert

Bernard

et al. 2014

Decision making in the field of policy making is a complex task. On the one hand conflicting objectives influence the availability of alternative solutions for a given problem. On the other hand economic, social, and environmental impacts of the chosen solution have to be considered. In the political context, these solutions are called policy options. To tackle societal problems a thorough analysis of policy options needs to be executed before a policy can be put into practice. Computational simulation is a method considered for measuring the impacts of policy options. However, due to their complexity, the underlying models and their output may be difficult to access by decision makers. In this work, we present a visual-interactive interface for an agent-based simulation model that enables decision makers to evaluate the impacts of alternative policy options in the field of regional energy planning. The decision maker can specify different subsidy strategies for supporting public photovoltaic installations as input and evaluate their impact on the actual adoption via the simulation output. We show the usability and usefulness of the visual interface in a real-world example evolved from the European research project ePolicy

Visual-Interactive Identification of Anomalous IP-Block Behavior Using Geo-IP Data

Schufrin

Sessler

et al. 2018

ProBGP: Progressive Visual Analytics of Live BGP Updates

Computer Graphics Forum

Sessler

Kohlhammer

2021

The global routing network is the backbone of the Internet. However, it is quite vulnerable to attacks that cause major disruptions or routing manipulations. Prior related works have visualized routing path changes with node link diagrams, but it requires strong domain expertise to understand if a routing change between autonomous systems is suspicious. Geographic visualization has an advantage over conventional node‐link diagrams by helping uncover such suspicious routes as the user can immediately see if a path is the shortest path to the target or an unreasonable detour. In this paper, we present ProBGP, a web‐based progressive approach to visually analyze BGP update routes. We created a novel progressive data processing algorithm for the geographic approximation of autonomous systems and combined it with a progressively updating visualization. While the newest log data is continuously loaded, our approach also allows querying the entire log recordings since 1999. We present the usefulness of our approach with a real use case of a major route leak from June 2019. We report on multiple interviews with domain experts throughout the development. Finally, we evaluated our algorithm quantitatively against a public peering database and qualitatively against AS network maps.

NetCapVis: Web-based Progressive Visual Analytics for Network Packet Captures

Sessler

Kohlhammer

2019