Toward a scalable visualization system for network traffic monitoring

Erwan Le Malécot, Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai

Research output: Contribution to journal › Article

1 Citation (Scopus)

Abstract

With the multiplication of attacks against computer networks, system administrators are required to monitor carefully the traffic exchanged by the networks they manage. However, that monitoring task is increasingly laborious because of the augmentation of the amount of data to analyze. And that trend is going to intensify with the explosion of the number of devices connected to computer networks along with the global rise of the available network bandwidth. So system administrators now heavily rely on automated tools to assist them and simplify the analysis of the data. Yet, these tools provide limited support and, most of the time, require highly skilled operators. Recently, some research teams have started to study the application of visualization techniques to the analysis of network traffic data. We believe that this original approach can also allow system administrators to deal with the large amount of data they have to process. In this paper, we introduce a tool for network traffic monitoring using visualization techniques that we developed in order to assist the system administrators of our corporate network. We explain how we designed the tool and some of the choices we made regarding the visualization techniques to use. The resulting tool proposes two linked representations of the network traffic and activity, one in 2D and the other in 3D. As 2D and 3D visualization techniques have different assets, we resulted in combining them in our tool to take advantage of their complementarity. We finally tested our tool in order to evaluate the accuracy of our approach.

Original language: English
Pages (from-to): 1300-1310
Number of pages: 11
Journal: IEICE Transactions on Information and Systems
Volume: E91-D
Issue number: 5
DOIs: 10.1093/ietisy/e91-d.5.1300
Publication status: Published - May 2008

Fingerprint

Visualization
Monitoring
Computer networks
Explosions
Bandwidth

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Vision and Pattern Recognition
  • Electrical and Electronic Engineering
  • Artificial Intelligence

Cite this

Toward a scalable visualization system for network traffic monitoring. / Le Malécot, Erwan; Kohara, Masayoshi; Hori, Yoshiaki; Sakurai, Kouichi.

In: IEICE Transactions on Information and Systems, Vol. E91-D, No. 5, 05.2008, p. 1300-1310.

Le Malécot, Erwan ; Kohara, Masayoshi ; Hori, Yoshiaki ; Sakurai, Kouichi. / Toward a scalable visualization system for network traffic monitoring. In: IEICE Transactions on Information and Systems. 2008 ; Vol. E91-D, No. 5. pp. 1300-1310.
@article{5c38912fa7a54e9da572dcd5bfc99944,
title = "Toward a scalable visualization system for network traffic monitoring",
abstract = "With the multiplication of attacks against computer networks, system administrators are required to monitor carefully the traffic exchanged by the networks they manage. However, that monitoring task is increasingly laborious because of the augmentation of the amount of data to analyze. And that trend is going to intensify with the explosion of the number of devices connected to computer networks along with the global rise of the available network bandwidth. So system administrators now heavily rely on automated tools to assist them and simplify the analysis of the data. Yet, these tools provide limited support and, most of the time, require highly skilled operators. Recently, some research teams have started to study the application of visualization techniques to the analysis of network traffic data. We believe that this original approach can also allow system administrators to deal with the large amount of data they have to process. In this paper, we introduce a tool for network traffic monitoring using visualization techniques that we developed in order to assist the system administrators of our corporate network. We explain how we designed the tool and some of the choices we made regarding the visualization techniques to use. The resulting tool proposes two linked representations of the network traffic and activity, one in 2D and the other in 3D. As 2D and 3D visualization techniques have different assets, we resulted in combining them in our tool to take advantage of their complementarity. We finally tested our tool in order to evaluate the accuracy of our approach.",
author = "{Le Mal{\'e}cot}, Erwan and Masayoshi Kohara and Yoshiaki Hori and Kouichi Sakurai",
year = "2008",
month = "5",
doi = "10.1093/ietisy/e91-d.5.1300",
language = "English",
volume = "E91-D",
pages = "1300--1310",
journal = "IEICE Transactions on Information and Systems",
issn = "0916-8532",
publisher = "一般社団法人電子情報通信学会",
number = "5",

}

TY - JOUR

T1 - Toward a scalable visualization system for network traffic monitoring

AU - Le Malécot, Erwan

AU - Kohara, Masayoshi

AU - Hori, Yoshiaki

AU - Sakurai, Kouichi

PY - 2008/5

Y1 - 2008/5

N2 - With the multiplication of attacks against computer networks, system administrators are required to monitor carefully the traffic exchanged by the networks they manage. However, that monitoring task is increasingly laborious because of the augmentation of the amount of data to analyze. And that trend is going to intensify with the explosion of the number of devices connected to computer networks along with the global rise of the available network bandwidth. So system administrators now heavily rely on automated tools to assist them and simplify the analysis of the data. Yet, these tools provide limited support and, most of the time, require highly skilled operators. Recently, some research teams have started to study the application of visualization techniques to the analysis of network traffic data. We believe that this original approach can also allow system administrators to deal with the large amount of data they have to process. In this paper, we introduce a tool for network traffic monitoring using visualization techniques that we developed in order to assist the system administrators of our corporate network. We explain how we designed the tool and some of the choices we made regarding the visualization techniques to use. The resulting tool proposes two linked representations of the network traffic and activity, one in 2D and the other in 3D. As 2D and 3D visualization techniques have different assets, we resulted in combining them in our tool to take advantage of their complementarity. We finally tested our tool in order to evaluate the accuracy of our approach.

UR - http://www.scopus.com/inward/record.url?scp=68149150442&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=68149150442&partnerID=8YFLogxK

U2 - 10.1093/ietisy/e91-d.5.1300

DO - 10.1093/ietisy/e91-d.5.1300

M3 - Article

AN - SCOPUS:68149150442

VL - E91-D

SP - 1300

EP - 1310

JO - IEICE Transactions on Information and Systems

JF - IEICE Transactions on Information and Systems

SN - 0916-8532

IS - 5

ER -