Contextual Network Navigation to provide Situational Awareness for Network Administrators

Hdl Handle:
http://hdl.handle.net/10034/604556
Title:
Contextual Network Navigation to provide Situational Awareness for Network Administrators
Authors:
Gray, Cameron C.; Ritsos, Panagiotis D.; Roberts, Jonathan C.
Abstract:
One of the goals of network administrators is to identify and block sources of attacks from a network steam. Various tools have been developed to help the administrator identify the IP or subnet to be blocked, however these tend to be non-visual. Having a good perception of the wider network can aid the administrator identify their origin, but while network maps of the Internet can be useful for such endeavors, they are difficult to construct, comprehend and even utilize in an attack, and are often referred to as being “hairballs”. We present a visualization technique that displays pathways back to the attacker; we include all potential routing paths with a best-efforts identification of the commercial relationships involved. These two techniques can potentially highlight common pathways and/or networks to allow faster, more complete resolution to the incident, as well as fragile or incomplete routing pathways to/from a network. They can help administrators re-profile their choice of IP transit suppliers to better serve a target audience.
Affiliation:
Bangor University; University of Chester
Citation:
Gray, C. C., Ritsos, P. D., & Roberts, J. C. (2015). Contextual network navigation to provide situational awareness for network administrators. Paper presented at the Visualization for Cyber Security (VizSec), 2015 IEEE Symposium on. Chicago. doi 10.1109/VIZSEC.2015.7312769
Publisher:
IEEE
Publication Date:
26-Oct-2015
URI:
http://hdl.handle.net/10034/604556
DOI:
10.1109/VIZSEC.2015.7312769
Additional Links:
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7312769&filter%3DAND%28p_IS_Number%3A7312757%29
Type:
Article; Preprint; Meetings and Proceedings
Language:
en_US
Description:
“© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
ISBN:
9781467376006
Appears in Collections:
Computer Science

Full metadata record

DC FieldValue Language
dc.contributor.authorGray, Cameron C.en
dc.contributor.authorRitsos, Panagiotis D.en
dc.contributor.authorRoberts, Jonathan C.en
dc.date.accessioned2016-04-05T18:19:37Zen
dc.date.available2016-04-05T18:19:37Zen
dc.date.issued2015-10-26en
dc.identifier.citationGray, C. C., Ritsos, P. D., & Roberts, J. C. (2015). Contextual network navigation to provide situational awareness for network administrators. Paper presented at the Visualization for Cyber Security (VizSec), 2015 IEEE Symposium on. Chicago. doi 10.1109/VIZSEC.2015.7312769en
dc.identifier.isbn9781467376006-
dc.identifier.doi10.1109/VIZSEC.2015.7312769en
dc.identifier.urihttp://hdl.handle.net/10034/604556en
dc.description“© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.-
dc.description.abstractOne of the goals of network administrators is to identify and block sources of attacks from a network steam. Various tools have been developed to help the administrator identify the IP or subnet to be blocked, however these tend to be non-visual. Having a good perception of the wider network can aid the administrator identify their origin, but while network maps of the Internet can be useful for such endeavors, they are difficult to construct, comprehend and even utilize in an attack, and are often referred to as being “hairballs”. We present a visualization technique that displays pathways back to the attacker; we include all potential routing paths with a best-efforts identification of the commercial relationships involved. These two techniques can potentially highlight common pathways and/or networks to allow faster, more complete resolution to the incident, as well as fragile or incomplete routing pathways to/from a network. They can help administrators re-profile their choice of IP transit suppliers to better serve a target audience.en
dc.language.isoen_USen
dc.publisherIEEEen
dc.relation.urlhttp://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7312769&filter%3DAND%28p_IS_Number%3A7312757%29en
dc.subjectVisualizationen
dc.subjectInterneten
dc.subjectIP Networksen
dc.subjectnetworkingen
dc.titleContextual Network Navigation to provide Situational Awareness for Network Administratorsen_US
dc.typeArticleen
dc.typePreprinten
dc.typeMeetings and Proceedingsen
dc.contributor.departmentBangor University; University of Chesteren
This item is licensed under a Creative Commons License
Creative Commons
All Items in ChesterRep are protected by copyright, with all rights reserved, unless otherwise indicated.