TY - GEN
T1 - Visualizing graph dynamics and similarity for enterprise network security and management
AU - Liao, Qi
AU - Striegel, Aaron
AU - Chawla, Nitesh
PY - 2010
Y1 - 2010
N2 - Managing complex enterprise networks requires an understanding at a finer granularity than traditional network monitoring. The ability to correlate and visualize the dynamics and inter-relationships among various network components such as hosts, users, and applications is non-trivial. In this paper, we propose a visualization approach based on the hierarchical structure of similarity/difference visualization in the context of heterogeneous graphs. The concept of hierarchical visualization starts with the evolution of inter-graph states, adapts to the visualization of intra-graph clustering, and concludes with the visualization of similarity between individual nodes. Our visualization tool, ENAVis (Enterprise Network Activities Visualization), quantifies and presents these important changes and dynamics essential to network operators through a visually appealing and highly interactive manner. Through novel graph construction and transformation, such as network connectivity graphs, MDS graphs, bipartite graphs, and similarity graphs, we demonstrate how similarity/dynamics can be effectively visualized to provide insight with regards to network understanding.
AB - Managing complex enterprise networks requires an understanding at a finer granularity than traditional network monitoring. The ability to correlate and visualize the dynamics and inter-relationships among various network components such as hosts, users, and applications is non-trivial. In this paper, we propose a visualization approach based on the hierarchical structure of similarity/difference visualization in the context of heterogeneous graphs. The concept of hierarchical visualization starts with the evolution of inter-graph states, adapts to the visualization of intra-graph clustering, and concludes with the visualization of similarity between individual nodes. Our visualization tool, ENAVis (Enterprise Network Activities Visualization), quantifies and presents these important changes and dynamics essential to network operators through a visually appealing and highly interactive manner. Through novel graph construction and transformation, such as network connectivity graphs, MDS graphs, bipartite graphs, and similarity graphs, we demonstrate how similarity/dynamics can be effectively visualized to provide insight with regards to network understanding.
KW - enterprise networks
KW - graphs
KW - local context
KW - policy assessment
KW - security
KW - visual graph data mining
KW - visualization
UR - http://www.scopus.com/inward/record.url?scp=78149458354&partnerID=8YFLogxK
U2 - 10.1145/1850795.1850799
DO - 10.1145/1850795.1850799
M3 - Conference contribution
AN - SCOPUS:78149458354
SN - 9781450300131
T3 - ACM International Conference Proceeding Series
SP - 34
EP - 45
BT - VizSec 2010 - Proceedings of the 7th International Symposium on Visualization for Cyber Security
PB - Association for Computing Machinery
Y2 - 14 September 2010 through 14 September 2010
ER -