nvisionip an animated state analysis tool for visualizing
play

NVisionIP: An Animated State Analysis Tool for Visualizing NetFlows - PowerPoint PPT Presentation

Sep 07, 2022 •100 likes •248 views

NVisionIP: An Animated State Analysis Tool for Visualizing NetFlows Ratna Bearavolu, Kiran Lakkaraju, William Yurcik National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign National Center for

  1. NVisionIP: An Animated State Analysis Tool for Visualizing NetFlows Ratna Bearavolu, Kiran Lakkaraju, William Yurcik National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign National Center for Supercomputing Applications

  2. Outline • Motivation • Situational Awareness & Visualization • Visualization Criteria • NVisionIP – Demo • Conclusion National Center for Supercomputing Applications

  3. Motivation • Motivated by the concerns of Security Engineers at NCSA • How do you provide situational awareness of the network – awareness of the state of the devices on the network • Focus on situational awareness then intrusion detection • Wanted a tool where the user can see the state information of the devices on the network National Center for Supercomputing Applications

  4. Situational Awareness Using Visualization • Use visualization to show information about the network • Visualization is used because it is: – Easy to detect patterns in the traffic – Conveys a large amount of information concisely – Can be quickly created by machines • Use the security engineers background knowledge and analysis capabilities along with the capability of machines to quickly process and display data. National Center for Supercomputing Applications

  5. Key Features of Network Visualizations for Security • Interactivity: User must be able to interact with the visualization • Drill-Down capability: User must be able to gain more information if needed • Conciseness: Must show the state of the entire network in a concise manner National Center for Supercomputing Applications

  6. Interactivity • Allow security engineer to decide what to see – Data views (Cumulative, Animation (interval lapse) and Difference) – Features to view (traffic in/out, number of ports used, etc) – Filtering National Center for Supercomputing Applications

  7. Drill-down capability • Allow security engineer to see the network at different levels of resolutions • Entire network – Galaxy View • A subset of hosts – Small Multiple View • A single machine (IP) – Machine View National Center for Supercomputing Applications

  8. Conciseness • Allow a security engineer to view a large amount of information concisely – Show entire network with minimum of scrolling …..thus allow security engineer to gain situational awareness of the network National Center for Supercomputing Applications

  9. Where is the data coming from at NCSA? National Center for Supercomputing Applications

  10. DEMO DEMO National Center for Supercomputing Applications

  11. For a single IP • FlowCount - Number of times IP address was part of flow (Flow Count) • SrcFlowCount, DstFlowCount – Number of time IP address was source and destination of a flow • PortCount – Number of unique ports used • SrcPortCount, DstPortCount – Number of unique ports used as source and destination ports • ProtocolCount – Number of unique protocols used • ByteCount – Number of bytes transferred . A National Center for Supercomputing Applications

  12. Getting NVisionIP • Distribution Website: http://security.ncsa.uiuc.edu/distribution/NVisionIPDownLoad.html • SIFT Group Website: http://www.ncassr.org/projects/sift/ National Center for Supercomputing Applications

  13. Conclusion • Combine Security Engineers’ skills with the visualization capabilities of machines. • Visualizations with three key properties to provide Situational Awareness: – Interactivity – Drill-Down Capability – Conciseness National Center for Supercomputing Applications

  14. Questions National Center for Supercomputing Applications

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A New Tool for Visualizing Blaise Logic Jason Ostergren, Rhonda Ash 15th International Blaise

A New Tool for Visualizing Blaise Logic Jason Ostergren, Rhonda Ash 15th International Blaise

A New Tool for Visualizing Blaise Logic Jason Ostergren, Rhonda Ash 15th International Blaise Users Conference Washington D.C., USA September 2013 Visual Blaise Tool A desktop application programmed by the Health and Retirement

605 views • 11 slides
Improving Engagement of Animated Visualization with Visual Foreshadowing Wenchao Li 1 , Yun Wang 2

Improving Engagement of Animated Visualization with Visual Foreshadowing Wenchao Li 1 , Yun Wang 2

Improving Engagement of Animated Visualization with Visual Foreshadowing Wenchao Li 1 , Yun Wang 2 , Haitong Zhang 2 , Huamin Qu 1 1 2 Animated Visualization Hans Rosling's influential animated data presentation 1 1 https://www.gapminder.org

425 views • 29 slides
presentation Bethan Price Space the Animated Place The aim of this project was to create a

presentation Bethan Price Space the Animated Place The aim of this project was to create a

Space the Animated place Moving the Museum Field viva presentation Bethan Price Space the Animated Place The aim of this project was to create a collaborative, animated film based on the character we would develop in groups, based of the

639 views • 16 slides
Outline - Tasks - Map projections - Visualizing area data - Visualizing point data -

Outline - Tasks - Map projections - Visualizing area data - Visualizing point data -

Outline - Tasks - Map projections - Visualizing area data - Visualizing point data - Visualizing trajectories - Visualizing time Tasks Locations (0D, Points) Areas (2D) Distribution Comparison Sensity Max/min values

961 views • 48 slides
Explore VisIt:: an open source, end user tool for visualizing and analyzing very large data M04:

Explore VisIt:: an open source, end user tool for visualizing and analyzing very large data M04:

at Explore VisIt:: an open source, end user tool for visualizing and analyzing very large data M04: Introduction to VisIt: : 8:30-12:00 M14: Advanced VisIt usage: 1:30-5:00 Monday, November 15 th in Rm 388 Introduction to Tutorial M04 8:30

885 views • 63 slides
Data Analysis Analyzing and Visualizing 15-110 Wednesday 4/15 Learning Goals Perform

Data Analysis Analyzing and Visualizing 15-110 Wednesday 4/15 Learning Goals Perform

Data Analysis Analyzing and Visualizing 15-110 Wednesday 4/15 Learning Goals Perform basic analyses on data to answer simple questions Identify which visualization is appropriate based on the type of data Use matplotlib to

449 views • 44 slides
A Tool for Urban Air A Tool for Urban Air Pollution Analysis Pollution Analysis Eri Saikawa

A Tool for Urban Air A Tool for Urban Air Pollution Analysis Pollution Analysis Eri Saikawa

Interactive nteractive Database for atabase for Emission mission Analysis nalysis - IDEA IDEA - A Tool for Urban Air A Tool for Urban Air Pollution Analysis Pollution Analysis Eri Saikawa Eri Saikawa East Asia Region East Asia Region

631 views • 16 slides
Visualizing Outlier Analysis to Detect Gerrymandering with an Agent-Based Model Anne Yust

Visualizing Outlier Analysis to Detect Gerrymandering with an Agent-Based Model Anne Yust

Visualizing Outlier Analysis to Detect Gerrymandering with an Agent-Based Model Anne Yust Assistant Professor of Mathematics and Quantitative Reasoning Eugene Lang College at The New School, New York, NY National Numeracy Network Michigan

363 views • 13 slides
Abstracting and Visualizing Host Behaviour Abstracting and Visualizing Host Behaviour through

Abstracting and Visualizing Host Behaviour Abstracting and Visualizing Host Behaviour through

Abstracting and Visualizing Host Behaviour Abstracting and Visualizing Host Behaviour through Graphs Eduard Glatz Computer Engineering and Networks Laboratory ETH Zurich (Switzerland) eglatz@tik.ee.ethz.ch 20. Dec. 2009 Motivation

466 views • 27 slides
analysis of discussions in twitter with an argumentation tool T. Alsinet, J. Argelich, R. Bjar,

analysis of discussions in twitter with an argumentation tool T. Alsinet, J. Argelich, R. Bjar,

analysis of discussions in twitter with an argumentation tool T. Alsinet, J. Argelich, R. Bjar, Jordi Planes, M. Snchez DIEI - University of Lleida - Spain 1 outline Introduction Definitions Semantics Discussion Analysis Tool

704 views • 22 slides
Visualizing Heart Data Visualizing Heart Data of a living entity by analyzing time- -series data

Visualizing Heart Data Visualizing Heart Data of a living entity by analyzing time- -series data

What do researchers seek? What do researchers seek? To achieve a better understanding of the state To achieve a better understanding of the state Visualizing Heart Data Visualizing Heart Data of a living entity by analyzing time-

59 views • 3 slides
Visualizing Harmonic analysis: roots of exponential polynomials ICERM June 18, 2014 Sinai

Visualizing Harmonic analysis: roots of exponential polynomials ICERM June 18, 2014 Sinai

Visualizing Harmonic analysis: roots of exponential polynomials ICERM June 18, 2014 Sinai Robins Based on some joint work with Nick Gravin, Dmitry Shiryaev, and Mihalis Kolountzakis Wednesday, June 18, 14 Outline Part I. History of tilings

1.28k views • 78 slides
Quantifying Representative Sampling Using a Hydrologic Analysis Tool StormCon 2015 Austin, TX

Quantifying Representative Sampling Using a Hydrologic Analysis Tool StormCon 2015 Austin, TX

Quantifying Representative Sampling Using a Hydrologic Analysis Tool StormCon 2015 Austin, TX Christian Carleton, PH, CPSWQ, CPESC August 4, 2015 Research Engineer/Hydrologist Office of Water Programs California State University, Sacramento

484 views • 29 slides
Basic Visualiza+on Techniques & ParaView Han-Wei Shen The Ohio State University Visualizing

Basic Visualiza+on Techniques & ParaView Han-Wei Shen The Ohio State University Visualizing

Basic Visualiza+on Techniques & ParaView Han-Wei Shen The Ohio State University Visualizing Scien+fic Data Common Visualiza+on Techniques Mesh view Outer surface with aFributes Slicing Glyphing Contouring Volume

381 views • 14 slides
VISUALIZING UNCERTAINTY Fall 2017 Mac Hill VISUALIZING UNCERTAINTY 2 DEVELOPING A VISUAL

VISUALIZING UNCERTAINTY Fall 2017 Mac Hill VISUALIZING UNCERTAINTY 2 DEVELOPING A VISUAL

Thesis Proposal VISUALIZING UNCERTAINTY Fall 2017 Mac Hill VISUALIZING UNCERTAINTY 2 DEVELOPING A VISUAL VOCABULARY FOR UNCERTAINTY How can the design of information visualizations commonly found in news media coverage incorporate

591 views • 20 slides
Visualizing and Exploring Data Sargur Srihari University at Buffalo The State University of New

Visualizing and Exploring Data Sargur Srihari University at Buffalo The State University of New

Visualizing and Exploring Data Sargur Srihari University at Buffalo The State University of New York Visual Methods for finding structures in data Power of human eye/brain to detect structures Product of eons of evolution Display

487 views • 29 slides
1 JFK Memorial Hospital, Maternity Building Improvised triage post: underground garage Monrovia

1 JFK Memorial Hospital, Maternity Building Improvised triage post: underground garage Monrovia

Clinical practice TRIAGE Normal clinical practice OF MASS CASUALTIES Multiple-casualty incident C. Giannou Mass casualties Hat Yai July 2012 Triage = Process The aim in a mass casualty situation is to do the best for the most, not by

504 views • 7 slides
Multiple-View Object Recognition in Band-Limited Distributed Camera Networks Allen Y. Yang,

Multiple-View Object Recognition in Band-Limited Distributed Camera Networks Allen Y. Yang,

Introduction Random Projection Compressive Sensing Distributed Recognition Experiment Conclusion Multiple-View Object Recognition in Band-Limited Distributed Camera Networks Allen Y. Yang, Subhransu Maji, Mario Christoudas, Kirak Hong, Posu

646 views • 53 slides
Real-Time and High Resolution Feature Tracking and Object Recognition Peter Andreas Entschev -

Real-Time and High Resolution Feature Tracking and Object Recognition Peter Andreas Entschev -

Real-Time and High Resolution Feature Tracking and Object Recognition Peter Andreas Entschev - peter@arrayfire.com HPC Engineer Definition: Feature Tracking The act of finding highly distinctive image properties (features) in a given scene

839 views • 29 slides
Planar Augmented Reality Kameron Kincade What is Augmented Reality? Augment : to make

Planar Augmented Reality Kameron Kincade What is Augmented Reality? Augment : to make

Planar Augmented Reality Kameron Kincade What is Augmented Reality? Augment : to make greater or more intense Reality : perception of the real world Why Planar Objects? They are Common They are Detectable

488 views • 25 slides
The Aspersa Toolkit Baron Schwartz O'Reilly MySQL Conference & Expo 2011 Consulting

The Aspersa Toolkit Baron Schwartz O'Reilly MySQL Conference & Expo 2011 Consulting

The Aspersa Toolkit Baron Schwartz O'Reilly MySQL Conference & Expo 2011 Consulting Support Training Development For MySQL Percona Server Replaces MySQL Faster Queries More Consistent More Measurable More Features

740 views • 30 slides
Sutton Link Presentation to St Helier, The Wrythe and Wandle Valley Page 1 Local Committee

Sutton Link Presentation to St Helier, The Wrythe and Wandle Valley Page 1 Local Committee

Sutton Link Presentation to St Helier, The Wrythe and Wandle Valley Page 1 Local Committee Agenda Item 5 Daniel Doris - Major Scheme Programme Manager 11th October 2018 Background The Tram extension has been part of strategic planning

281 views • 12 slides
Predicting Performance Through Accurate Assessment Abigail Clayton November 2011 1

Predicting Performance Through Accurate Assessment Abigail Clayton November 2011 1

Predicting Performance Through Accurate Assessment Abigail Clayton November 2011 1 Getfeedback improve business performance through the accurate selection, development and engagement of people at work Here at Getfeedback over the past 10

412 views • 22 slides
Computational Analysis of Neutron Scattering Data PhD Dissertation Defense Benjamin Martin July

Computational Analysis of Neutron Scattering Data PhD Dissertation Defense Benjamin Martin July

Computational Analysis of Neutron Scattering Data PhD Dissertation Defense Benjamin Martin July 14 2015 About Me B.S. Computer Engineering 2009 M.S. Computer Engineering 2012 Intern at ORNL for 5 years Worked on satellite image

1.17k views • 59 slides

More recommend