Crucial Nodes Centric Visual Monitoring and Analysis of Computer Networks

Abstract

Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.