Digging into my various BGP datasets, I decided to create a GraphViz dot files with all the unique AS path in BGP for Internet as of Today. The dot file is available at the following location: http://www.foo.be/internet-dot/BGP-ASN-Paths-20120403.dot (! 44MB) and a quick overview of the dataset with Gephi: http://www.foo.be/internet-dot/Top-ASN-20120403.png. You can directly see the ASN 3356 (Level 3), one of the most connected providers. I used the "Radial Axis" layout that is well suited for such kind of dataset. The internet view (from this BGP router) contains 40898 ASN representing a majority of the ISP on the Internet.
The dataset can be used to experiment Gephi or other tools to handle large graphs with a lot of connections. The dataset will be updated at a regular interval. If you have any ideas, feedback... let me know.
I then followed up with a post on Advanced Network Graph Visualization with AfterGlow. In this post I show how you can use some extended capabilities of AfterGlow to read configuration parameters from variables and files in order to influence your network graph's colors, clustering, etc.
Curious to hear your feedback!
The picture shows attacks from the Internet to computers located at the University of Konstanz (brute force SSH attacks). The background represents the university’s network structure with computer systems as rectangles. External hosts are shown as colored circles on the outside. The splines represent the connections between attackers and computers within the network. This reveals a distributed attack originating from hundreds of hosts working together in attempt to break into specific computer systems.
More Information on: http://ff.cx/nflowvis/
Call for Papers
IEEE Network Magazine
Special Issue on Computer Network Visualization, Nov./Dec. 2012 issue
Computer networks are dynamic, growing, and continually evolving. As complexity grows, it becomes harder to effectively communicate to human decision-makers the results of methods and metrics for monitoring networks, classifying traffic, and identifying malicious or abnormal events. Network administrators and security analysts require tools that help them understand, reason about, and make decisions about the information their analytic systems produce. To this end, information visualization and visual analytics hold great promise for making the information accessible, usable, and actionable by taking advantage of the human perceptual abilities. Information visualization techniques help network administrators and security analysts to quickly recognize patterns and anomalies; visually integrate heterogeneous data sources; and provide context for critical events.
This special issue seeks original articles examining the state of the art, open issues, research results, evaluations of visualization and visual analytic tools, and future research directions in computer network visualization and visual analytics. All submissions should be written to be understandable and appealing to a general audience. Research papers should contain a substantial amount of tutorial content and minimal mathematics. Topics of interest include, but are not limited to:
* Uses of visualization for network status monitoring and situational awareness
* Visualization methods employed in the classification of network traffic and its analysis
* Visualization methods enhancing network intrusion detection and anomaly detection
* Visualization methods for the analysis of network threats (e.g. botnets)
* Visualization methods for the analysis of network routing
* Methods for integrating analytics and visualization together for network analysis tasks
* Methods for visually integrating heterogeneous data sources to support network analysis tasks
* Case studies of open source visualization tools in network analysis tasks
* Evaluations of network visualization tools in situ
Articles should be written in a style comprehensible and appealing to readers outside the speciality of the article. Authors must follow the IEEE Network Magazine guidelines regarding the manuscript and its format. For details, please refer to the "Guidelines for manuscripts" at the IEEE Network Magazine web site at http://dl.comsoc.org/livepubs/ni/info/authors.html. Submitted papers must be original work and must not be under consideration for publication in other venues. Authors should submit their manuscripts in PDF through ScholarOne for IEEE Network Magazine. Choose this special issue from the drop down menu on the submission page. Authors uncertain about the relevance of their paper to this special issue should inquire with the guest editors before submission.
Submissions: April 1, 2012
Author notifications: July 1, 2012
Final papers: September 1, 2012
Publication: November 2012
Oak Ridge National Lab
University of Konstanz
I just uploaded a number of my old presentations, mainly on security visualization, to slideshare. The link below leads you right to them:
There are presentations from a number of conferences:
And then there are still the newer presentations that have been there for a while now.
I teach a data analytics and visualization class every now and then. In the last section of the class I share a number of resources with the students. The Web sites are mainly blogs and generic visualization resources; Not tools.
The following is the list of resources. Have your own favorite visualization resource? Add a comment!
A much longer list of non curated links you can also find on my delicious feed.
AfterGlow now enables Splunk 4.2.x to generate link graphs!
One of the very first Splunk Applications was the AfterGlow for Splunk Addon. Initially it was just a simple search command but then with version 4 of Splunk, the application matured to a full blown Splunk App. Unfortunately, with the introduction of Splunk 4.1 and 4.2, the application got broken. As of earlier this month, however, AfterGlow for Splunk has been fixed and now works with Splunk 4.2.x.
Post your visualizations here in the secviz gallery!
I wrote a new blog entry talking about the maturity scale of visual analytics. The visualization maturity scale can be used to explain a number of issues in the visual analytics space. For example, why aren’t companies leveraging visualization to analyze their data? What are the requirements to implement visual analytics services? Or why don’t we have more visual analytics products?
Unfortunately, we do no have mature visual analytics products yet that really encompass all of the steps in the maturity scale to deliver a great experience to the end user.
Also check out the Maturity Scale for Log Management and Analysis to have a closer look at how log analysis and management play into the visual analytics process.