Visualizing network events in a muggle friendly way

Outi-Marja Latvala, Tommi Keränen, Sami Noponen, Niko Lehto, Mirko Sailio, Mikko Valta, Pia Olli

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

1 Citation (Scopus)

Abstract

This paper describes a work in progress for a proof of concept which visualizes network events of an industrial automation system in a 3D fish tank view. It aims to enable an automation operator, who most likely is a non-network-expert, to spot anomalies in network traffic and also to memorise past seen anomalies more easily. The developed solution builds upon three components: a Snort event-log forwarder, a database and the 3D fish tank to visualize the events. Different kind of fishes were chosen to present network nodes, and how they move in the fish tank describes the event. Visualization system was implemented using the Unity game engine. As this is still a work in progress, more development is needed; especially adding functionality to visualize normal network traffic besides Snort events is crucial. However, the first version showed interest among people, as this differs from traditional network event visualizations.
Original languageEnglish
Title of host publication2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017
PublisherInstitute of Electrical and Electronic Engineers IEEE
ISBN (Electronic)978-1-5090-5060-4
ISBN (Print)978-1-5090-5061-1
DOIs
Publication statusPublished - 18 Oct 2017
MoE publication typeA4 Article in a conference publication
EventInternational Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA) - London, United Kingdom
Duration: 19 Jun 201720 Jun 2017

Conference

ConferenceInternational Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)
Abbreviated titleCyber SA
CountryUnited Kingdom
CityLondon
Period19/06/1720/06/17

Fingerprint

Fish
Automation
Visualization
Engines

Keywords

  • data visualization
  • security
  • monitoring
  • visualization
  • tools
  • communication networks
  • production facilities

Cite this

Latvala, O-M., Keränen, T., Noponen, S., Lehto, N., Sailio, M., Valta, M., & Olli, P. (2017). Visualizing network events in a muggle friendly way. In 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017 [8073400] Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/CyberSA.2017.8073400
Latvala, Outi-Marja ; Keränen, Tommi ; Noponen, Sami ; Lehto, Niko ; Sailio, Mirko ; Valta, Mikko ; Olli, Pia. / Visualizing network events in a muggle friendly way. 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017. Institute of Electrical and Electronic Engineers IEEE, 2017.
@inproceedings{3acde7cc931a46b4946274d2d7124df4,
title = "Visualizing network events in a muggle friendly way",
abstract = "This paper describes a work in progress for a proof of concept which visualizes network events of an industrial automation system in a 3D fish tank view. It aims to enable an automation operator, who most likely is a non-network-expert, to spot anomalies in network traffic and also to memorise past seen anomalies more easily. The developed solution builds upon three components: a Snort event-log forwarder, a database and the 3D fish tank to visualize the events. Different kind of fishes were chosen to present network nodes, and how they move in the fish tank describes the event. Visualization system was implemented using the Unity game engine. As this is still a work in progress, more development is needed; especially adding functionality to visualize normal network traffic besides Snort events is crucial. However, the first version showed interest among people, as this differs from traditional network event visualizations.",
keywords = "data visualization, security, monitoring, visualization, tools, communication networks, production facilities",
author = "Outi-Marja Latvala and Tommi Ker{\"a}nen and Sami Noponen and Niko Lehto and Mirko Sailio and Mikko Valta and Pia Olli",
year = "2017",
month = "10",
day = "18",
doi = "10.1109/CyberSA.2017.8073400",
language = "English",
isbn = "978-1-5090-5061-1",
booktitle = "2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017",
publisher = "Institute of Electrical and Electronic Engineers IEEE",
address = "United States",

}

Latvala, O-M, Keränen, T, Noponen, S, Lehto, N, Sailio, M, Valta, M & Olli, P 2017, Visualizing network events in a muggle friendly way. in 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017., 8073400, Institute of Electrical and Electronic Engineers IEEE, International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA), London, United Kingdom, 19/06/17. https://doi.org/10.1109/CyberSA.2017.8073400

Visualizing network events in a muggle friendly way. / Latvala, Outi-Marja; Keränen, Tommi; Noponen, Sami; Lehto, Niko; Sailio, Mirko; Valta, Mikko; Olli, Pia.

2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017. Institute of Electrical and Electronic Engineers IEEE, 2017. 8073400.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Visualizing network events in a muggle friendly way

AU - Latvala, Outi-Marja

AU - Keränen, Tommi

AU - Noponen, Sami

AU - Lehto, Niko

AU - Sailio, Mirko

AU - Valta, Mikko

AU - Olli, Pia

PY - 2017/10/18

Y1 - 2017/10/18

N2 - This paper describes a work in progress for a proof of concept which visualizes network events of an industrial automation system in a 3D fish tank view. It aims to enable an automation operator, who most likely is a non-network-expert, to spot anomalies in network traffic and also to memorise past seen anomalies more easily. The developed solution builds upon three components: a Snort event-log forwarder, a database and the 3D fish tank to visualize the events. Different kind of fishes were chosen to present network nodes, and how they move in the fish tank describes the event. Visualization system was implemented using the Unity game engine. As this is still a work in progress, more development is needed; especially adding functionality to visualize normal network traffic besides Snort events is crucial. However, the first version showed interest among people, as this differs from traditional network event visualizations.

AB - This paper describes a work in progress for a proof of concept which visualizes network events of an industrial automation system in a 3D fish tank view. It aims to enable an automation operator, who most likely is a non-network-expert, to spot anomalies in network traffic and also to memorise past seen anomalies more easily. The developed solution builds upon three components: a Snort event-log forwarder, a database and the 3D fish tank to visualize the events. Different kind of fishes were chosen to present network nodes, and how they move in the fish tank describes the event. Visualization system was implemented using the Unity game engine. As this is still a work in progress, more development is needed; especially adding functionality to visualize normal network traffic besides Snort events is crucial. However, the first version showed interest among people, as this differs from traditional network event visualizations.

KW - data visualization

KW - security

KW - monitoring

KW - visualization

KW - tools

KW - communication networks

KW - production facilities

UR - http://www.scopus.com/inward/record.url?scp=85039938922&partnerID=8YFLogxK

U2 - 10.1109/CyberSA.2017.8073400

DO - 10.1109/CyberSA.2017.8073400

M3 - Conference article in proceedings

SN - 978-1-5090-5061-1

BT - 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017

PB - Institute of Electrical and Electronic Engineers IEEE

ER -

Latvala O-M, Keränen T, Noponen S, Lehto N, Sailio M, Valta M et al. Visualizing network events in a muggle friendly way. In 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017. Institute of Electrical and Electronic Engineers IEEE. 2017. 8073400 https://doi.org/10.1109/CyberSA.2017.8073400

Access to Document

Related content

Projects

Secure Networking for a Data Center Cloud in Europe

Project: Research