Owleyes: A Visual Analytics System for Functions and Connection Patterns of IPv4 Addresses in Networks

Netflow log files commonly contain massive transfer records in tiny time interval, making analytical works complex and burdensome. By combining human cognition abilities with computerized techniques, visual analytics systems have become efficient tools for showing network states and locating abnorma...


Bibliographic Details
Main Authors: Yan Yan, Lingjun He, Li Liu, Tao Yang, Wenhua Hou, Hong Xiang, Xiaofeng Xia, Haibo Hu
Format: Article
Language: English
Published: IEEE 2020-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/8993793/
Record ID: doaj-dbc31c26da1148d287ca7e798913de53
Collection: DOAJ
ISSN: 2169-3536
Volume: 8
Pages: 31317-31329
DOI: 10.1109/ACCESS.2020.2973230
Article number: 8993793

Authors and affiliations:
Yan Yan (https://orcid.org/0000-0003-4781-1954), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China
Lingjun He (https://orcid.org/0000-0003-3934-0283), Department of Visualization Platform, Beijing Qianxin Technology Company, Ltd., Beijing, China
Li Liu (https://orcid.org/0000-0003-1604-6559), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China
Tao Yang (https://orcid.org/0000-0002-6283-4102), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China
Wenhua Hou (https://orcid.org/0000-0003-3840-0475), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China
Hong Xiang (https://orcid.org/0000-0001-6012-2921), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China
Xiaofeng Xia (https://orcid.org/0000-0002-0608-2460), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China
Haibo Hu (https://orcid.org/0000-0001-8442-5222), Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education, Chongqing University, Chongqing, China

Description: Netflow log files commonly contain massive transfer records in tiny time interval, making analytical works complex and burdensome. By combining human cognition abilities with computerized techniques, visual analytics systems have become efficient tools for showing network states and locating abnormal behaviors. However, traditional visual analytics systems tend to be designed for solving certain problems and unable to synthesize various types of data sources. Despite recent advances in network security visualization, academia still starves for a proper solution to visualize IPv4 address behavior modes and IPv4 connection patterns within limited drawing space. Thus, we propose a visual analytics system called 'Owleyes' which reprocesses Netflow log data with simple statistical operations in basic dimensions and fulfills the aforementioned requirements with proper novel graphs such as 'sunburst-hive-plot graph' (SHG) and link-wheel graph (LW). The SHG provides a stable and comparable means of visualizing connection patterns efficiently in a limited drawing space. The LW represents the hourly connection counts of main ports in a specific IPv4 connection during one day. With the use case dealing with the ChinaVis 2016 Challenge I data, the efficiency and practicability of Owleyes are demonstrated.

Topics: Visual analytics; network security; sunburst-hiveplot graph; link wheel graph; user-centric interaction