Anomalous communication patterns are one of the leading indicators of computer system intrusions, according to the system administrators we have interviewed. A major problem, however, is correlating across the host/network boundary to see how network connections relate to the processes running on a host. This paper introduces Portall, a visualization tool that gives system administrators a view of the communicating processes on the monitored machine, correlated with the network activity in which those processes participate. Portall is a prototype of part of the Network Eye framework we introduced in an earlier paper [1]. We discuss the Portall visualization, the supporting infrastructure it requires, and a formative usability study we conducted to obtain administrators’ reactions to the tool.

CR Categories: H.5.2 [Information Interfaces and Presentation]: User Interfaces—Prototyping, Screen Design, User-Centered Design; K.6.5 [Management of computing and information systems...
Glenn A. Fink, Paul Muessig, Chris North