InSight2: A Modular Visual Analysis Platform for Network Situational Awareness in Large-Scale Networks

Authors: Hansaka Angel Dias Edirisinghe Kodituwakku, Alex Keller, Jens Gregor

DOI: 10.3390/ELECTRONICS9101747

Keywords: Situation awareness; Analytics; Scalability; Flow network; Anomaly detection; Flexibility (engineering); Visual analytics; Distributed computing; Computer science; Throughput

Abstract: The complexity and throughput of computer networks are rapidly increasing as a result of the proliferation of interconnected devices, data-driven applications, and remote working. Providing situational awareness for such networks requires monitoring and analysis of network data to understand normal activity and identify abnormal activity. A scalable platform that can process and visualize large-scale network data in real time enables security analysts and researchers not only to monitor and study network flow but also to experiment with and develop novel analytics. In this paper, we introduce InSight2, an open-source platform for manipulating both streaming and archived network data that aims to address issues with existing solutions such as scalability, extendability, and flexibility. Case studies are provided to demonstrate applications to monitoring network activity, identifying attacks and compromised hosts, and anomaly detection.
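The abstract describes a platform that works over both archived and streaming flow data and uses it for anomaly detection and for spotting attacks and compromised hosts. The following is an added illustration of that two-phase pattern, not code from InSight2 or from the authors: per-source byte-volume baselines are learned from constructed archived flow records, then a constructed streaming window is scored against them for volume spikes (z-score) and for sources contacting many distinct targets (fan-out, a scan indicator). The record fields, thresholds, addresses and byte counts are all assumptions made for the example.

```python
# Added illustration (not InSight2 code): learn per-host baselines from
# archived flow records, then score a window of streaming flows against them.
# Field names, thresholds and the sample flows are constructed assumptions.
from collections import defaultdict
from dataclasses import dataclass
import math


@dataclass(frozen=True)
class Flow:
    src: str      # source address
    dst: str      # destination address
    dport: int    # destination port
    nbytes: int   # bytes carried by the flow


def baseline_stats(archived):
    """Per-source mean and standard deviation of flow bytes from archived flows."""
    by_src = defaultdict(list)
    for f in archived:
        by_src[f.src].append(f.nbytes)
    stats = {}
    for src, vals in by_src.items():
        mean = sum(vals) / len(vals)
        var = sum((v - mean) ** 2 for v in vals) / len(vals)
        stats[src] = (mean, math.sqrt(var))
    return stats


def score_window(window, stats, z_threshold=3.0, fanout_threshold=20):
    """Flag flows whose byte count deviates from the source's baseline, and
    sources that contact many distinct (dst, port) targets in one window."""
    alerts = []
    targets = defaultdict(set)
    for f in window:
        targets[f.src].add((f.dst, f.dport))
        if f.src not in stats:
            continue                    # no baseline yet: only fan-out applies
        mean, sd = stats[f.src]
        sd = max(sd, 1.0)               # a flat history would divide by zero
        z = (f.nbytes - mean) / sd
        if z > z_threshold:
            alerts.append(("volume", f.src, f.dst, round(z, 1)))
    for src, seen in targets.items():
        if len(seen) >= fanout_threshold:
            alerts.append(("fanout", src, len(seen), 0.0))
    return alerts


# Constructed archived flows: one host with varying volume, one with a flat history.
ARCHIVED = [Flow("10.0.0.5", "10.0.1.1", 443, b) for b in (1000, 1200, 1100, 900, 1300)]
ARCHIVED += [Flow("10.0.0.9", "10.0.1.1", 80, 500) for _ in range(4)]

# Constructed streaming window: a normal flow, a volume spike, a spike from the
# flat-history host, and a sweep of 25 hosts on port 22 from an unseen source.
WINDOW = [
    Flow("10.0.0.5", "10.0.1.1", 443, 1150),
    Flow("10.0.0.5", "10.0.1.2", 443, 50000),
    Flow("10.0.0.9", "10.0.1.3", 80, 5000),
] + [Flow("10.0.0.7", f"10.0.2.{i}", 22, 60) for i in range(1, 26)]


def run_example():
    """Score the constructed window against the constructed baselines."""
    return score_window(WINDOW, baseline_stats(ARCHIVED))


if __name__ == "__main__":
    for kind, src, target, z in run_example():
        print(f"{kind:7} src={src} target={target} z={z}")
```

The flat-history host is the edge case worth noting: with zero variance a raw z-score divides by zero, so the standard deviation is floored at one byte, which makes any deviation from a perfectly constant baseline score very high. A source with no archived history is not z-scored at all in this example, but still counts toward fan-out, which is how the sweeping source is caught.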
