Abstract
We present NetGrok, a tool for visualizing computer network usage in real-time. NetGrok combines well-known information visualization techniques—overview, zoom & filter, details on demand—with network graph and treemap visualizations. NetGrok integrates these tools with a shared data store that can read PCAP-formatted network traces, capture traces from a live interface, and filter the data set dynamically by bandwidth, number of connections, and time. We performed an expert user case study that demonstrates the benefits of applying these techniques to static and real-time streaming packet data. Our user study shows NetGrok serves as an “excellent real-time diagnostic,” enabling fast understanding of network resource usage and rapid anomaly detection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Ball, R., Fink, G.A., North, C.: Home-centric visualization of network traffic for security administration. In: VizSEC/DMSEC 2004: Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, pp. 55–64. ACM, New York (2004)
Bruls, M., Huizing, K., van Wijk, J.: Squarified treemaps. In: Proc. of Joint Eurographics and IEEE TCVG Symp. on Visualization (TCVG 2000), pp. 33–42. IEEE Press, Los Alamitos (2000)
Chandra, R., Mahajan, R., Padmanabhan, V., Zhang, M.: CRAWDAD data set microsoft/osdi2006 (v. 2007-05-23) (May 2007), http://crawdad.cs.dartmouth.edu/microsoft/osdi2006
Cheswick, B., Burch, H., Branigan, S.: Mapping and visualizing the internet. In: ATEC 2000: Proceedings of the annual conference on USENIX Annual Technical Conference, San Diego, California, p. 1. USENIX Association (2000)
Fekete, J.-D., Wang, D., Dang, N., Aris, A., Plaisant, C.: Overlaying graph links on treemaps. In: Information Visualization Symposium Poster Compendium, pp. 82–83. IEEE, Los Alamitos (2003)
Fink, G., North, C.: Root polar layout of internet address data for security administration. In: IEEE Workshop on Visualization for Computer Security, 2005 (VizSEC 2005), 26 October 2005, pp. 55–64 (2005)
Fruchterman, T.M.J., Reingold, E.M.: Graph drawing by force-directed placement. Software - Practice and Experience 21(11), 1129–1164 (1991)
Girardin, L.: An eye on network intruder-administrator shootouts. In: Proceedings of the Workshop on Intrusion Detection and Network Monitoring (ID 1999), Berkeley, CA, USA, pp. 19–28. USENIX Association (1999)
Girardin, L., Brodbeck, D.: A visual approach for monitoring logs. In: LISA 1998: Proceedings of the 12th USENIX conference on System administration, Berkeley, CA, USA, pp. 299–308. USENIX Association (1998)
Heer, J., Card, S.K., Landay, J.A.: Prefuse: a toolkit for interactive information visualization. In: CHI 2005: Proceedings of the SIGCHI conference on Human factors in computing systems, pp. 421–430. ACM, New York (2005)
Herman, I., Melancon, G., Marshall, M.S.: Graph visualization and navigation in information visualization: A survey. IEEE Transactions on Visualization and Computer Graphics 06(1), 24–43 (2000)
Peterson, L., Anderson, T., Culler, D., Roscoe, T.: A blueprint for introducing disruptive technology into the internet. SIGCOMM Comput. Commun. Rev. 33(1), 59–64 (2003)
Shneiderman, B.: Tree visualization with tree-maps: 2-d space-filling approach. ACM Trans. Graph. 11(1), 92–99 (1992)
Shneiderman, B., Aris, A.: Network visualization by semantic substrates. IEEE Transactions on Visualization and Computer Graphics 12(5), 733–740 (2006)
Teoh, S.T., Ma, K.-L., Wu, S.: A visual exploration process for the analysis of internet routing data. In: Visualization, 2003. VIS 2003, 24-24 October 2003, pp. 523–530. IEEE, Los Alamitos (2003)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blue, R., Dunne, C., Fuchs, A., King, K., Schulman, A. (2008). Visualizing Real-Time Network Resource Usage. In: Goodall, J.R., Conti, G., Ma, KL. (eds) Visualization for Computer Security. VizSec 2008. Lecture Notes in Computer Science, vol 5210. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85933-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-85933-8_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85931-4
Online ISBN: 978-3-540-85933-8
eBook Packages: Computer ScienceComputer Science (R0)