90,398 research outputs found

    Deep Learning Enhanced Visualization Tool For Network Monitoring

    In this era of web technology driven by social networks, cloud computing, big data, and E-business, technology is also rapidly evolving. Most of the information is stored and managed via the Internet. With an increase in these development tools and techniques, cyber-crime is constantly increasing. The level of damage these attacks cause to the system affects the organizations to the core. Contemporary Deep Learning and Machine Learning technologies have become the popular choice of intrusion detection systems for the detection and prediction of cyber-attack. Similarly, cyber-security visualization is also an integral and essential part of monitoring network traffic and optimization. Abundant work has already been done to detect attacks, but monitoring these attacks still appears as elusive as detection for cyber analysts. However, the current open-source visualization tool has not been integrated with Deep Learning models to gain intelligence on the network. While many researchers [3] are already working on cyber-attack defense mechanisms, this research also takes advantage of Deep Learning and Machine Learning technologies to contribute to the work against such crimes. A novel Deep Learning enhanced visualization tool is also proposed for malicious traffic node prediction and monitoring. The proposed method exploits the intriguing properties of Deep Learning models to gain intelligence for network monitoring. A real-world DARPA dataset has been used to validate the proposed method. Index Terms—Cyber-security, data analysis, data science, darpa-dataset, decision tree, deep learning, deep neural network, DL model, ML model, network analysis tool, network monitoring tool, supervised learning, support vector machine, visualization tool

    An Iterative and Toolchain-Based Approach to Automate Scanning and Mapping Computer Networks

    As today's organizational computer networks are ever evolving and becoming more and more complex, finding potential vulnerabilities and conducting security audits has become a crucial element in securing these networks. The first step in auditing a network is reconnaissance by mapping it to get a comprehensive overview over its structure. The growing complexity, however, makes this task increasingly effortful, even more as mapping (instead of plain scanning), presently, still involves a lot of manual work. Therefore, the concept proposed in this paper automates the scanning and mapping of unknown and non-cooperative computer networks in order to find security weaknesses or verify access controls. It further helps to conduct audits by allowing comparing documented with actual networks and finding unauthorized network devices, as well as evaluating access control methods by conducting delta scans. It uses a novel approach of augmenting data from iteratively chained existing scanning tools with context, using genuine analytics modules to allow assessing a network's topology instead of just generating a list of scanned devices. It further contains a visualization model that provides a clear, lucid topology map and a special graph for comparative analysis. The goal is to provide maximum insight with a minimum of a priori knowledge. Comment: 7 pages, 6 figures

    Server Sounds and Network Noises

    For server and network administrators, it is a challenge to keep an overview of their systems to detect potential intrusions and security risks in real-time as well as in retrospect. Most security tools leverage our inherent ability for pattern detection by visualizing different types of security data. Several studies suggest that complementing visualization with sonification (the presentation of data using sound) can alleviate some of the challenges of visual monitoring (such as the need for constant visual focus). This paper therefore provides an overview of the current state of research regarding auditory-based and multimodal tools in computer security. Most existing research in this area is geared towards supporting users in real-time network and server monitoring, while there are only few approaches that are designed for retrospective data analysis. There exist several sonification-based tools in a mature state, but their effectiveness has hardly been tested in formal user and usability studies. Such studies are however needed to provide a solid basis for deciding which type of sonification is most suitable for which kind of scenarios and how to best combine the two modalities, visualization and sonification, to support users in their daily routines

    Visually Managing IPsec

    The United States Air Force relies heavily on computer networks to transmit vast amounts of information throughout its organizations and with agencies throughout the Department of Defense. The data take many forms, utilize different protocols, and originate from various platforms and applications. It is not practical to apply security measures specific to individual applications, platforms, and protocols. Internet Protocol Security (IPsec) is a set of protocols designed to secure data traveling over IP networks, including the Internet. By applying security at the network layer of communications, data packets can be secured regardless of what application generated the data or which protocol is used to transport it. However, the complexity of managing IPsec on a production network, particularly using the basic command-line tools available today, is the limiting factor to widespread deployment. This thesis explores several visualizations of IPsec data, evaluates the viability of using visualization to represent and manage IPsec, and proposes an interface for a visual IPsec management application to simplify IPsec management and make this powerful security option more accessible to the information warfighter

    ENHANCED NETWORK SLICING FOR INDUSTRIAL AND ENERGY PROTOCOLS

    With the development of Industry 4.0 and the recent evolution of substation automation, as prescribed at least by the International Electrotechnical Commission (IEC) 61850 Standard, the network is becoming one of the key elements of these trends. Network design and network architecture are becoming more and more complex and leading to challenging problems and issues, such as network security, multiplication of unmanaged broadcast domains, and bandwidth limitations. Recent tools have been introduced to help network engineers visualize different industrial Internet of Things (IIoT) protocol flows and characterizations for devices connected to the network. However, visualization is not enough and any help in the design and configuration of the network would be a great differentiator. Techniques herein provide for the ability to utilize sensors to build a network map of industrial and power data flows. The network map can then be used to configure different network slices with guaranteed bandwidth and flow isolation

    A Study of Basic 3D Visualization Architecture for Network Operation and Management Tools

    Recently, network operation tools using 3D visualization technologies have become more and more important. Generally, 3D visualized network operation tools are useful for computer network management or operation. However, the development of 3D visualized network operation tools requires advanced technical skills and is highly costly. On the other hand, 3D computer graphics technologies have become more familiar in recent years because computer hardware and software are rapidly growing and obtaining high performance. In this research, we have developed a basic architecture of a 3D visualization system for network operation and management tools, by using the open source 3DCG software "Blender" and the programming language "Python". In this paper, we explain details, results of evaluation and efficiency of the proposed architecture

    Exploring three-dimensional visualization of intrusion detection system alerts and network statistics

    Intrusion Detection Systems (IDS) have been popular tools in the battle against adversaries who, for whatever reason, desire to break into networks, compromise hosts, and steal valuable information. One problem with current IDS implementations, however, is the sheer number of alerts they can generate, many of which tend to be false alarms. This drawback makes effective use of such systems a challenging task. In this thesis we explore three-dimensional approaches to visualizing network IDS alerts and aggregated network statistics in order to provide the system administrator with a better picture of the events occurring on his or her network. While some research has been done using two-dimensional concepts, 3D approaches have not received much attention with regard to detecting network intrusions. Evaluation of our visualizations using the 1999 DARPA Intrusion Detection Evaluation data set demonstrates the potential benefit of utilizing the third dimension. We show how a number of attack types in the data set, including Denial of Service, Probe, and Remote to Local, generate visual evidence of abnormal activity that a security administrator might use as motivation for further investigation. Using three dimensions provides a rich environment for visualization concepts, and while our initial efforts were successful, there is much room for other ideas and more complex techniques for interaction and drill-down. We hope research will continue in this direction and provide the basis for ever more powerful tools to aid security administrators in the fight against information technology threats

    Dynamic 3D Network Data Visualization

    Monitoring network traffic has always been an arduous and tedious task because of the complexity and sheer volume of network data that is being consistently generated. In addition, network growth and new technologies are rapidly increasing these levels of complexity and volume. An effective technique in understanding and managing a large dataset, such as network traffic, is data visualization. There are several tools that attempt to turn network traffic into visual stimuli. Many of these do so in 2D space and those that are 3D lack the ability to display network patterns effectively. Existing 3D network visualization tools lack user interaction, dynamic generation, and intuitiveness. This project proposes a user-friendly 3D network visualization application that creates both dynamic and interactive visuals. This application was built using the Babylon.js graphics framework and uses anonymized data collected from a campus network