Monitoring large IP spaces with ClockView
- Startseite
- →
- Informatik und Informationswissenschaft
- →
- Informatik und Informationswissenschaft
- →
- Dokumentanzeige
| Publikationstyp: | Beitrag zu einer Konferenz |
| URI (zitierfähiger Link): | http://nbn-resolving.de/urn:nbn:de:bsz:352-186545 |
| Autor/innen: | Kintzel, Christopher; Fuchs, Johannes; Mansmann, Florian |
| Erscheinungsjahr: | 2011 |
| Konferenz: | the 8th International Symposium, 20. Jul 2011 - 20. Jul 2011, Pittsburgh, Pennsylvania |
| Erschienen in: | Proceedings of the 8th International Symposium on Visualization for Cyber Security - VizSec '11. - New York, New York, USA : ACM Press, 2011. - S. 1-10. - ISBN 978-1-4503-0679-9 |
| DOI (zitierfähiger Link): | https://dx.doi.org/10.1145/2016904.2016906 |
| Zusammenfassung: |
The growing amounts of hosts that are placed into the networks represent an enormous challenge to most network administrators who have to monitor these hosts conscientiously. While automatically monitoring the network for slow or failing components has become common practice, defining an acceptable state of the system is only possible to a very limited extent and thus exploratory analysis tasks by real human analysts complement the analysis process. However, this is a problem of scale since it is infeasible to manually inspect thousands of hosts without proper visual support for the tasks of gaining an overview, focusing and retrieving details on demand. In this paper we present a design study to enable visual support for monitoring large IP spaces. In particular, the presented system features 1) a scalable glyph representation in the style of a clock for giving an overview of the activity over time of thousands of hosts in the network, 2) subnet and port views for focusing the analysis to a particular subset of the data and 3) detailed pixel matrix visualizations for interpreting concrete traffic patterns. Furthermore, the tool's feedback loop, which is implemented through interaction capabilities, allows for retrieving new details, refocusing and enhancing of the overview.
|
| Fachgebiet (DDC): | 004 Informatik |
| Schlagwörter: | Network security, pattern detection |
| Link zur Lizenz: | Nutzungsbedingungen |
| Universitätsbibliographie: | Ja |
Zitieren
Dateien zu dieser Ressource
![[PDF]](/themes/Kops/images/mimes/pdf.png "PDF file"){kind=small}
KINTZEL, Christopher, Johannes FUCHS, Florian MANSMANN, 2011. Monitoring large IP spaces with ClockView. the 8th International Symposium. Pittsburgh, Pennsylvania, 20. Jul 2011 - 20. Jul 2011. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security - VizSec '11. the 8th International Symposium. Pittsburgh, Pennsylvania, 20. Jul 2011 - 20. Jul 2011. New York, New York, USA:ACM Press, pp. 1-10. ISBN 978-1-4503-0679-9. Available under: doi: 10.1145/2016904.2016906
@inproceedings{Kintzel2011Monit-18654, title={Monitoring large IP spaces with ClockView}, year={2011}, doi={10.1145/2016904.2016906}, isbn={978-1-4503-0679-9}, address={New York, New York, USA}, publisher={ACM Press}, booktitle={Proceedings of the 8th International Symposium on Visualization for Cyber Security - VizSec '11}, pages={1--10}, author={Kintzel, Christopher and Fuchs, Johannes and Mansmann, Florian} }
<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/rdf/resource/123456789/18654"> <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/18654/2/Keim_Monitoring.pdf"/> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dcterms:issued>2011</dcterms:issued> <dc:creator>Mansmann, Florian</dc:creator> <dcterms:abstract xml:lang="eng">The growing amounts of hosts that are placed into the networks represent an enormous challenge to most network administrators who have to monitor these hosts conscientiously. While automatically monitoring the network for slow or failing components has become common practice, defining an acceptable state of the system is only possible to a very limited extent and thus exploratory analysis tasks by real human analysts complement the analysis process. However, this is a problem of scale since it is infeasible to manually inspect thousands of hosts without proper visual support for the tasks of gaining an overview, focusing and retrieving details on demand. In this paper we present a design study to enable visual support for monitoring large IP spaces. In particular, the presented system features 1) a scalable glyph representation in the style of a clock for giving an overview of the activity over time of thousands of hosts in the network, 2) subnet and port views for focusing the analysis to a particular subset of the data and 3) detailed pixel matrix visualizations for interpreting concrete traffic patterns. Furthermore, the tool's feedback loop, which is implemented through interaction capabilities, allows for retrieving new details, refocusing and enhancing of the overview.</dcterms:abstract> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2012-03-20T09:55:47Z</dc:date> <dc:rights>terms-of-use</dc:rights> <dc:creator>Kintzel, Christopher</dc:creator> <dc:contributor>Fuchs, Johannes</dc:contributor> <dcterms:bibliographicCitation>First publ. in: VizSec '11 2011 International Symposium on Visualization for Cyber Security : Pittsburgh, PA, USA — July 20 - 20, 2011. - ACM : New York, NY, 2011. - Article No. 2. - ISBN: 978-1-4503-0679-9</dcterms:bibliographicCitation> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/18654"/> <dc:contributor>Mansmann, Florian</dc:contributor> <dcterms:title>Monitoring large IP spaces with ClockView</dcterms:title> <dc:contributor>Kintzel, Christopher</dc:contributor> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/18654/2/Keim_Monitoring.pdf"/> <dc:creator>Fuchs, Johannes</dc:creator> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2012-03-20T09:55:47Z</dcterms:available> <dcterms:rights rdf:resource="https://kops.uni-konstanz.de/page/termsofuse"/> <dc:language>eng</dc:language> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> </rdf:Description> </rdf:RDF>
Dateiabrufe seit 01.10.2014 (Informationen über die Zugriffsstatistik)
| Keim_Monitoring.pdf | 328 |
Das Dokument erscheint in:
KOPS Suche
Stöbern
Mein Benutzerkonto
