Using Space Filling Curves to Improve Large Scale Network Traffic Visualization PowerPoint PPT Presentation

presentation player overlay
1 / 7
About This Presentation
Transcript and Presenter's Notes

Title: Using Space Filling Curves to Improve Large Scale Network Traffic Visualization


1
Using Space Filling Curves to Improve Large Scale
Network Traffic Visualization
  • Taghrid Samak, Adel El-Atawy and Ehab Al-Shaer
  • DePaul University
  • School of Computer Science, Telecommunications
    and Information Systems

2
Motivation
  • Network attacks are more distributed than ever
    before.
  • Light weight attacks need careful monitoring and
    activity tracking over multiple links. Single
    link monitoring or snapshot analysis is rarely
    enough.
  • Data collected at each location should be
    communicated to the analysis/ response engine
    with minimal overhead.
  • Image/Video Processing algorithms are
    sophisticated enough and intensively supported by
    specialized Hardware.

3
Technical Approach
  • Distributed Data Collection Agents periodically
    send digested information to the Analysis Engine.
  • Each Agent generates an image from mapping
    collected statistics into a 2D image.
  • The mapping is selected such that the images
    created can withstand aggressive scaling and
    compression.

4
Formalization
  • Packet tally is kept for fields of interest.
  • Histograms of single and multiple field values
    are built.
  • The position (x, y) of a point representing the
    frequency of certain field value is obtained as
    follows

Space-Filling Curves will be used for these two
mappings
where n is the number of dimensions, Vi is the
domain of dimension i, S 0,1, ,N-1, and N
V1 x V2 x Vn, and (X,Y) is the pixel
position on the image.
where vi ? Vi and C() is the number of data
samples that contained the set of values ltv1,v2,
,vngt
5
Space Filling Curves
  • Previous work used Naïve Scan for visualizing
    traffic statistics.
  • Enhanced results were obtained using Space
    Filling Curves (C-Scan, Hilbert, and Lebesgue)
  • Clustering, Clustering, Clustering,

Naïve Scan
C-Scan
Hilbert
Lebesgue
6
Single Field Visualization
Over 2 min window
Naïve Scan
Hilbert
7
2-Field Visualization
Source IP against Destination IP Original
images (256x256) 64K pixels, scaled down to 8x8
pixels.
High activity visible in both mappings
Peak still significant
Peak diluted!
Naïve Scan
Hilbert
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The : "Using Space Filling Curves to Improve Large Scale Network Traffic Visualization" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!