Interactive Visualized Security Analysis System of Large Distributed Network Flow Data

• Main Authors: Wei-Ru Dai, 戴瑋如
• Other Authors: 孫雅麗
• Format: Others
• Language: zh-TW
• Published: 2014
• Online Access: http://ndltd.ncl.edu.tw/handle/12206787482298257808

碩士 === 國立臺灣大學 === 資訊管理學研究所 === 102 === As the network volume grows rapidly, network activities and security problems are supposed to be more complicated. For security analysis, it is challenging to store the big volume of network traffic and access the data in real time. We propose a distributed processing system of scalable cloud environment called NetActy System (Network Activity Visualization System). NetActy is built on top of a VM cluster, which could allocate computing resource flexibly and improve resource utilization. There are modules in NetActy that function like the MapReduce framework to process big data. In addition to this, NetActy is able to visualize and display hierarchical graph data in the user interface. We design an in-memory intermediate data structure called BigIP Render Tree (BRT). BRT provides IP-, CIDR-, AS- and country-level query of network activities and its in-memory design could facilitate access to graph data. In a nutshell, NetActy is a system that provides queries and show views of network communication activities easily, clearly and quickly.