FloVis: Flow Visualization System

Taylor, Teryl; Paterson, Diana; Glanfield, Joel; Gates, Carrie; Brooks, Stephen; McHugh, John

doi:10.1109/catch.2009.18

Cited by 43 publications

(23 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The existing literature on security visualization also does not explicitly state that the focus is IPv4 traffic, but typically implicitly assumes that IPv4 is the underlying protocol of the analyzed network traffic. Several visualization tools [10,11,17] which provide good insight into remote IP behavior are limited to IPv4 addresses.…”

Section: Related Workmentioning

confidence: 99%

“…If a dual stack capture 3 is loaded, the tool will just ignore the IPv6 packets and not display them. NVisionIP [11] and Flovis [17] are other examples of tools where only 32-bit source addresses are currently supported. Koike et al [10] also describe a technique similar to NVisionIP in which source and destination addresses are visualized in a 2D matrix; only IPv4 addresses can be displayed.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Security visualization tools and IPv6 addresses

Barrera

Oorschot

2009

2009 6th International Workshop on Visualization for Cyber Security

View full text Add to dashboard Cite

Visualization is used by security analysts to help detect patterns and trends in large volumes of network traffic data. With IPv6 slowly being deployed around the world, network intruders are beginning to adapt their tools and techniques to work over IPv6 (vs. IPv4). Many tools for visualizing network activity, while useful for detecting large scale attacks and network behavior anomalies still only support IPv4. In this paper, we explore the current state of IPv6 support in some popular security visualization tools and identify the roadblocks preventing those tools from supporting the new protocol. We propose a filtering technique that helps reduce the occlusion of IPv6 sources on graphs. We also suggest using treemaps for visually representing the vast space of remote addresses in IPv6.

show abstract

Section: Related Workmentioning

confidence: 99%

mentioning

confidence: 99%

Security visualization tools and IPv6 addresses

Barrera

Oorschot

2009

2009 6th International Workshop on Visualization for Cyber Security

View full text Add to dashboard Cite

show abstract

“…In [12], the authors present the client-based visualization tool FlowVis, which uses the SiLK tools for processing NetFlow data. They provide proofof-concept visualizations like activity plots, flow edge bundles, and network bytes viewer.…”

Section: Related Workmentioning

confidence: 99%

Flow-inspector: a framework for visualizing network flow data using current web technologies

et al. 2013

View full text Add to dashboard Cite

New web technologies led to the development of browser applications for data analysis. Modern browser engines allow for building interactive real-time visualization applications that enable efficient ways to understand complex data. We present Flow-Inspector, a highly interactive open-source web framework for visualizing network flow data using latest web technologies.Flow-Inspector includes a backend for processing and storing large-scale network flow data, as well as a JavaScript-based web application capable to display and manipulate traffic information in real-time. This work provides operators with a toolkit to analyze their networks and enables the scientific community to create new and innovative visualizations of traffic data with an extensible framework. We demonstrate the applicability of our approach by implementing several different visualization components that help to identify topological characteristics in network flows.

show abstract

“…The existing literature on security visualization also does not explicitly state that the focus is IPv4 traffic, but typically implicitly assumes that IPv4 is the underlying protocol of the analyzed network traffic. Several visualization tools [11,12,19] which provide good insight into remote IP behavior are limited to IPv4 addresses. Nakamae et al [18] (CAIDA) has also produced visualizations displaying IPv6 autonomous system (AS) interconnections [5].…”

Section: Related Workmentioning

confidence: 99%

“…If a dual stack capture (i.e., containing both IPv4 and IPv6 data) is loaded, the tool will just ignore the IPv6 packets and not display them. NVisionIP [12] and Flovis [19] are other examples of tools where only 32-bit source addresses are currently supported. Koike et al [11] also describe a technique similar to NVisionIP in which source and destination addresses are visualized in a 2D matrix; only IPv4 addresses can be displayed.…”

mentioning

confidence: 99%

Accommodating IPv6 Addresses in Security Visualization Tools

Barrera

Oorschot

2010

Information Visualization

View full text Add to dashboard Cite

Visualization is used by security analysts to help detect patterns and trends in large volumes of network traffic data. With IPv6 slowly being deployed around the world, network intruders are beginning to adapt their tools and techniques to work over IPv6 (vs. IPv4). Many tools for visualizing network activity, while useful for detecting large scale attacks and network behavior anomalies still only support IPv4. In this paper, we explore the current state of IPv6 support in some popular security visualization tools and identify the roadblocks preventing those tools from supporting the new protocol. We propose a filtering technique that helps reduce the occlusion of IPv6 sources on graphs, and enables IPv4 visualization tools to display both IPv4 and IPv6 sources on a single graph. We also suggest using treemaps for visually representing the vast space of remote addresses in IPv6.

show abstract

FloVis: Flow Visualization System

Cited by 43 publications

References 23 publications

Security visualization tools and IPv6 addresses

Security visualization tools and IPv6 addresses

Flow-inspector: a framework for visualizing network flow data using current web technologies

Accommodating IPv6 Addresses in Security Visualization Tools

Contact Info

Product

Resources

About