ProBGP: Progressive Visual Analytics of Live BGP Updates

Ulmer, Alex; Sessler, David; Kohlhammer, Jörn

doi:10.1111/cgf.14287

Cited by 4 publications

(15 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In general, BGP visualization tools are intended for expert users or users with strong domain knowledge. Ulmer et al, for example, define the primary target users of their tool as administrators and prefix owners, with regulators, ISPs, and Internet exchange point (IXP) Managers as secondary users [77]. Additionally, Di Donato et al focuses on network operators [22].…”

Section: Usersmentioning

confidence: 99%

“…However, Papadopoulos et al note that "not all the ASes have a publicly known country of origin" [55]. On the other hand, Ulmer et al argue the advantages of geographic visualizations over conventional node-link diagrams [77] and, how the additional location information helps to distinguish suspicious behavior from an unintended misconfiguration [76]. However, there is an alternate opinion that there is not great meaning in geographic distances versus those that can be represented in a node-link graph.…”

Section: Bgp Tool Categorization By Visualization Techniquementioning

confidence: 99%

“…Researchers have developed several BGP visualization tools to aid expert users in identifying, analyzing and understanding BGP attacks and anomalies. For example, well-known and publicly available tools such as BGPlay 1 [14], and more recently Upstream Visibility [9] and ProBGP [77], have been designed for use by network operators, researchers, and law enforcement. However, there has been less BGP visualization tool development than one might expect given how fundamental BGP is to the internet, as well as its historically-unresolved security issues.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The State of the Art in BGP Visualization Tools: A Mapping of Visualization Techniques to Cyberattack Types

Raynor

Crnovrsanin

Bartolomeo

et al. 2022

IEEE Trans. Visual. Comput. Graphics

View full text Add to dashboard Cite

show abstract

Section: Usersmentioning

confidence: 99%

Section: Bgp Tool Categorization By Visualization Techniquementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The State of the Art in BGP Visualization Tools: A Mapping of Visualization Techniques to Cyberattack Types

Raynor

Crnovrsanin

Bartolomeo

et al. 2022

IEEE Trans. Visual. Comput. Graphics

View full text Add to dashboard Cite

show abstract

“…In general, BGP visualization tools are intended for expert users or users with strong domain knowledge. Ulmer et al, for example, define the primary target users of their tool as administrators and prefix owners, with regulators, ISPs, and Internet exchange point (IXP) Managers as secondary users [76]. Additionally, Di Donato et al focuses on network operators [21].…”

Section: Usersmentioning

confidence: 99%

“…Researchers have developed several BGP visualization tools to aid expert users in identifying, analyzing and understanding BGP attacks and anomalies. For example, well-known and publicly available tools such as BGPlay 1 [14], and more recently Upstream Visibility [8] and ProBGP [76], have been designed for use by network operators, researchers, and law enforcement. However, there has been less BGP visualization tool development than one might expect given how fundamental BGP is to the internet, as well as its historically-unresolved security issues.…”

Section: Introductionmentioning

confidence: 99%

Cybersecurity visualization design approaches: toward connecting research and practice through technique, context, and process

Raynor

View full text Add to dashboard Cite

Visualization tools are used extensively in the cybersecurity domain for various tasks such as network forensics, investigating cyber-attacks, finding vulnerabilities, and reporting findings to decision makers. However, many of the tools utilized in the field are often either commercially produced and require extensive tailoring to function in specific contexts or created by the practitioners themselves. Adoption rates of visualization tools created in academia remain relatively low in practice. The visualization research community is equipped with several design methodologies to approach multidisciplinary visualization challenges and collaborations. However, there are many factors that differentiate the cybersecurity domain space that require more methodological considerations. Some of these considerations include the streaming and continuous nature of the data, complex network and attack scenarios, differences in the user tasks and characterization, as well as an evolving threat landscape. When traditional visualization methodologies are applied to the cybersecurity domain space, there are noted deficiencies that require new approaches. Additionally, feedback from cybersecurity practitioners suggests challenges that arise with adopting new tools that do not entirely fit their existing contexts, processes, and workflows, which, combined with the methodological considerations, leads to lower adoption rates and the need to more fully understand these operational environments.This dissertation addresses these challenges through four works and contributes new approaches, insights, strategies, and reflections for future researchers working with practitioners at the cross-section of visualization and cybersecurity. To do this, I present a mix of ethnographic and qualitative research contributing strategies for incorporating disciplinary diversity of approach, a formalization of visualization techniques for large backbone networks, a novel survey methodology for security related visualization tools, insights on how external context influences cybersecurity visualizations in practice, and an approach for better aligning visualization design methodologies with rapid practitioner technological development of small tactical networks. I identify three different dimensions of potential approaches to visualization design for cybersecurity including technique, context, and process; each captured by working with distinct communities of practice. Overall, our goals are to define the broader challenges experientially, propose approaches that accommodate these challenges in practice, better bridge the gap between academia and industry through reflections and insights on specific applications, and widen the pool of approaches to visualization design through the context of cybersecurity.

show abstract

A Survey on Progressive Visualization

Ulmer,

Angelini,

Fekete

et al. 2024

IEEE Trans. Visual. Comput. Graphics

View full text Add to dashboard Cite

Fig. 1: Overview of our taxonomy with its four major categories: visualization, progressive processing, data domain, and visual update pattern. The visualization categories are based on previous taxonomies [47, 65, 85]. The progressive processing categories are an extension of the progressive visual analytics characterization [5], adding a new "Custom chunking" variant. The data domain categories cover the difference in visualization design if the end of the data or process is known or unknown. The fourth category is the visual update pattern which indicates how the visualizations are updated when new partial results are produced.Abstract-Currently, growing data sources and long-running algorithms impede user attention and interaction with visual analytics applications. Progressive visualization (PV) and visual analytics (PVA) alleviate this problem by allowing immediate feedback and interaction with large datasets and complex computations, avoiding waiting for complete results by using partial results improving with time. Yet, creating a progressive visualization requires more effort than a regular visualization but also opens up new possibilities, such as steering the computations towards more relevant parts of the data, thus saving computational resources. However, there is currently no comprehensive overview of the design space for progressive visualization systems. We surveyed the related work of PV and derived a new taxonomy for progressive visualizations by systematically categorizing all PV publications that included visualizations with progressive features. Progressive visualizations can be categorized by well-known visualization taxonomies, but we also found that progressive visualizations can be distinguished by the way they manage their data processing, data domain, and visual update. Furthermore, we identified key properties such as uncertainty, steering, visual stability, and real-time processing that are significantly different with progressive applications. We also collected evaluation methodologies reported by the publications and conclude with statistical findings, research gaps, and open challenges. A continuously updated visual browser of the survey data is available at visualsurvey.net/pva.

show abstract

ProBGP: Progressive Visual Analytics of Live BGP Updates

Cited by 4 publications

References 30 publications

The State of the Art in BGP Visualization Tools: A Mapping of Visualization Techniques to Cyberattack Types

The State of the Art in BGP Visualization Tools: A Mapping of Visualization Techniques to Cyberattack Types

Cybersecurity visualization design approaches: toward connecting research and practice through technique, context, and process

A Survey on Progressive Visualization

Contact Info

Product

Resources

About