IMap: Visualizing network activity over internet maps

J. Joseph Fowler, Michael Schneider, Thienne Johnson, Carlos Acedo, Loukas Lazos, Paolo Simonetto, Stephen Kobourov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

We propose a novel visualization, IMap, which enables the detection of security threats by visualizing a large volume of dynamic network data. In IMap, the Internet topology at the Autonomous System (AS) level is represented by a canonical map (which resembles a geographic map of the world), and aggregated IP traffic activity is superimposed in the form of heat maps (intensity overlays). Specifically, IMap groups ASes as contiguous regions based on AS attributes (geolocation, type, rank, IP prefix space) and AS relationships. The area, boundary, and relative positions of these regions in the map do not reect actual world geography, but are determined by the characteristics of the Internet's AS topology. To demonstrate the effectiveness of IMap, we showcase two case studies, a simulated DDoS attack and a real-world worm propagation attack.

Original languageEnglish (US)
Title of host publicationVizSec 2014 - Proceedings of the 11th Workshop on Visualization for Cyber Security
EditorsKirsten Whitley, Lane Harrison, Fabian Fischer, Nicolas Prigent, Sophie Engle
PublisherAssociation for Computing Machinery
Pages80-87
Number of pages8
ISBN (Electronic)9781450328265
DOIs
StatePublished - Nov 10 2014
Event11th Workshop on Visualization for Cyber Security, VizSec 2014 - Paris, France
Duration: Nov 10 2014 → …

Publication series

NameACM International Conference Proceeding Series
Volume10-November-2014

Other

Other11th Workshop on Visualization for Cyber Security, VizSec 2014
Country/TerritoryFrance
CityParis
Period11/10/14 → …

Keywords

  • Anomaly
  • Map
  • Network
  • Security
  • Topology visualization

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'IMap: Visualizing network activity over internet maps'. Together they form a unique fingerprint.

Cite this