会议论文详细信息
Visualization and Monitoring of Network Traffic
Interactive Exploration of the Network Behavior of Personal Machines (Extended Abstract)?
计算机科学;物理学
Sascha Simon1, Mike Sips1, and John Gerth2 1 Max Planck Intitut Informatik ; 2 Stanford University
PID  :  82130
学科分类:计算机科学(综合)
来源: CEUR
PDF
【 摘 要 】

Personal machines are often the weakest points within a largenetwork. Although they run an everincreasing number of network ser vices, these machines are often controlled by users who are unaware of security threats. Thus, a wellinformed attacker can, with modest ef fort, identify and gain control over personal machines. However, system administrators need to know the tools and techniques used for attacks while simultaneously needing to invest huge analytical efforts to detect malicious behavior in the vast volumes of network traffic. In our research project we investigate the idea that an understanding of the regular be havior of personal machines can improve the chance of detecting the point in time when a machine shows malicious behavior. We propose a visual exploration system based on a data abstraction layer and temporal visual representations of the network traffic. The data abstraction layer enables an interactive change in the level of detail of the network traffic while temporal visualizations help system administrators to detect unex pected network traffic. In the next phase of this project, we will conduct experiments to get a good feel about the limits of our system in detecting

【 预 览 】
附件列表
Files Size Format View
Interactive Exploration of the Network Behavior of Personal Machines (Extended Abstract)? 158KB PDF download
  文献评价指标  
  下载次数:2次 浏览次数:18次