IMap: Visualizing network activity over internet maps

J. Joseph Fowler, Michael Schneider, Thienne Johnson, Carlos Acedo, Loukas Lazos, Paolo Simonetto, Stephen G Kobourov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

We propose a novel visualization, IMap, which enables the detection of security threats by visualizing a large volume of dynamic network data. In IMap, the Internet topology at the Autonomous System (AS) level is represented by a canonical map (which resembles a geographic map of the world), and aggregated IP traffic activity is superimposed in the form of heat maps (intensity overlays). Specifically, IMap groups ASes as contiguous regions based on AS attributes (geolocation, type, rank, IP prefix space) and AS relationships. The area, boundary, and relative positions of these regions in the map do not reect actual world geography, but are determined by the characteristics of the Internet's AS topology. To demonstrate the effectiveness of IMap, we showcase two case studies, a simulated DDoS attack and a real-world worm propagation attack.

Original languageEnglish (US)
Title of host publicationVizSec 2014 - Proceedings of the 11th Workshop on Visualization for Cyber Security
PublisherAssociation for Computing Machinery
Pages80-87
Number of pages8
Volume10-November-2014
ISBN (Electronic)9781450328265
DOIs
StatePublished - Nov 10 2014
Event11th Workshop on Visualization for Cyber Security, VizSec 2014 - Paris, France
Duration: Nov 10 2014 → …

Other

Other11th Workshop on Visualization for Cyber Security, VizSec 2014
CountryFrance
CityParis
Period11/10/14 → …

Keywords

  • Anomaly
  • Map
  • Network
  • Security
  • Topology visualization

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition
  • Software

Fingerprint Dive into the research topics of 'IMap: Visualizing network activity over internet maps'. Together they form a unique fingerprint.

  • Cite this

    Fowler, J. J., Schneider, M., Johnson, T., Acedo, C., Lazos, L., Simonetto, P., & Kobourov, S. G. (2014). IMap: Visualizing network activity over internet maps. In VizSec 2014 - Proceedings of the 11th Workshop on Visualization for Cyber Security (Vol. 10-November-2014, pp. 80-87). Association for Computing Machinery. https://doi.org/10.1145/2671491.2671501