18th Annual FIRST Conference
Network traffic dynamics have become an important behavior-based approach to assist security administrators in protecting networks. In this paper/presentation we present VisFlowConnect-IP, a link-based network flow visualization tool that allows operators to detect and investigate anomalous internal and external network traffic. We model the network as a graph with hosts being nodes and traffic flows being edges. We present a detailed description of VisFlowConnect-IP functionality and demonstrate its application to traffic dynamics in order to monitor, discover, and investigate security-relevant events.
http://www.first.org/conference/2006/papers/yurcik-william-slides.pdf
Type: Slides
Format: application/pdf
Last updated: July 12, 2006
Size: 2.99 Mb
http://www.first.org/conference/2006/papers/yurcik-william-papers.pdf
Type: Paper
Format: application/pdf
Last updated: July 12, 2006
Size: 757 Kb
Authors & presenters
(NCSA-IRST – National Center for Supercomputing Applications, US)
