Real-time visualization of network behaviors for situational awareness

Best, Daniel M.; Bohn, Shawn; Love, Douglas V.; Wynne, Adam; Pike, William

doi:10.1145/1850795.1850805

Cited by 48 publications

(26 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SnortView [18] focuses on the intrusion detection, while Event Visualizer [19] provides real-time visualizations for event data streams for real-time monitoring as well as various exploration mechanisms. On the other hand, authors in [20] propose a real-time visualization system to enhance situational awareness from network traffic data using LiveRAC [21]. Once analyzed and aggregated, time-series are displayed in a zoomable tabular interface to enable interactive exploration.…”

Section: Background and State-of-the-artmentioning

confidence: 99%

An Incremental Approach for Real-Time Big Data Visual Analytics

García¹,

Casado

Bouchachia

2016

2016 IEEE 4th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW)

View full text Add to dashboard Cite

Abstract-In the age of Big Data, the real-time interactive visualization is a challenge due to latency of executing calculation over terabytes (even, petabytes) datasets. The execution of an operation has to finish before its outcome is displayed, which would be an issue in those scenarios where low-latency responses are required. To address such a requirement, this paper introduces a new approach for real-time visualization of extremely large data-at-rest as well as data-in-motion by showing intermediate results as soon as they become available. This should allow the data analyst to take decisions in real-time.

show abstract

Section: Background and State-of-the-artmentioning

confidence: 99%

An Incremental Approach for Real-Time Big Data Visual Analytics

García¹,

Casado

Bouchachia

2016

2016 IEEE 4th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW)

View full text Add to dashboard Cite

show abstract

“…The focus of Event Visualizer [8], is to provide real-time visualizations for event data streams (e.g., system log data) to provide real-time monitoring and possibilities to smoothly switch to exploration mode covering DC2 and DC4. In contrast to this event-based approach, Best et al [3] proposes another real-time system to enhance situational awareness using the analysis of network traffic based on LiveRAC [13]. The analyzed and aggregated time-series are displayed in a zoomable tabular interface to provide the analyst an interactive exploration interface for time-series data, while our approach is more general to include also other data types (e.g., frequent words or users, hierarchical overviews) addressing DC4.…”

Section: Related Workmentioning

confidence: 99%

NStreamAware

Fischer

Keim

2014

Proceedings of the Eleventh Workshop on Visualization for Cyber Security

View full text Add to dashboard Cite

The analysis of data streams is important in many securityrelated domains to gain situational awareness. To provide monitoring and visual analysis of such data streams, we propose a system, called NStreamAware, that uses modern distributed processing technologies to analyze streams using stream slices, which are presented to analysts in a web-based visual analytics application, called NVisAware. Furthermore, we visually guide the user in the feature selection process to summarize the slices to focus on the most interesting parts of the stream based on introduced expert knowledge of the analyst. We show through case studies, how the system can be used to gain situational awareness and eventually enhance network security. Furthermore, we apply the system to a social media data stream to compete in an international challenge to evaluate the applicability of our approach to other domains.

show abstract

“…the network infrastructure), what (type of alert) and when network security alerts occurred. While real-time aspects were not explicitly considered in this work, the system of Best et al [3] puts its focus there. Using a high-throughput processing platform, the authors base their network monitoring work on the above mentioned SAX technique to model behavior of actors in the network in real-time and visualize these through a glyph representation.…”

Section: Time Series Visualizationmentioning

confidence: 99%

Dynamic Visual Analytics—Facing the Real-Time Challenge

Mansmann

Fischer

Keim

2012

Expanding the Frontiers of Visual Analytics and Visualization

View full text Add to dashboard Cite

Abstract. Modern communication infrastructures enable more and more information to be available in real-time. While this has proven to be useful for very targeted pieces of information, the human capability to process larger quantities of mostly textual information is definitely limited. Dynamic visual analytics has the potential to circumvent this real-time information overload by combining incremental analysis algorithms and visualizations to facilitate data stream analysis and provide situational awareness. In this book chapter we will thus define dynamic visual analytics, discuss its key requirements and present a pipeline focusing on the integration of human analysts in real-time applications. To validate this pipeline, we will demonstrate its applicability in a real-time monitoring scenario of server logs.

show abstract

Real-time visualization of network behaviors for situational awareness

Cited by 48 publications

References 14 publications

An Incremental Approach for Real-Time Big Data Visual Analytics

An Incremental Approach for Real-Time Big Data Visual Analytics

NStreamAware

Dynamic Visual Analytics—Facing the Real-Time Challenge

Contact Info

Product

Resources

About