3 February 2014 Configurable IP-space maps for large-scale, multi-source network data visual analysis and correlation
Author Affiliations +
Abstract
The need to scale visualization of cyber (IP-space) data sets and analytic results as well as to support a variety of data sources and missions have proved challenging requirements for the development of a cyber common operating picture. Typical methods of visualizing IP-space data require unreliable domain conversions such as IP geolocation, network topology that is difficult to discover, or data sets that can only display one at a time. In this work, we introduce a generalized version of hierarchical network maps called configurable IP-space maps that can simultaneously visualize multiple layers of IP-based data at global scale. IP-space maps allow users to interactively explore the cyber domain from multiple perspectives. A web-based implementation of the concept is described, highlighting a novel repurposing of existing geospatial mapping tools for the cyber domain. Benefits of the configurable IP-space map concept to cyber data set analysis using spatial statistics are discussed. IP-space map structure is found to have a strong effect on data clustering behavior, hinting at the ability to automatically determine concentrations of network events within an organizational hierarchy.
© (2014) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Scott Miserendino, Corey Maynard, William Freeman, "Configurable IP-space maps for large-scale, multi-source network data visual analysis and correlation", Proc. SPIE 9017, Visualization and Data Analysis 2014, 901705 (3 February 2014); doi: 10.1117/12.2037862; https://doi.org/10.1117/12.2037862
PROCEEDINGS
14 PAGES


SHARE
Back to Top