scholarly journals InSight2: A Modular Visual Analysis Platform for Network Situational Awareness in Large-Scale Networks

Electronics ◽  
2020 ◽  
Vol 9 (10) ◽  
pp. 1747
Author(s):  
Hansaka Angel Dias Edirisinghe Kodituwakku ◽  
Alex Keller ◽  
Jens Gregor
Keyword(s):  
Real Time ◽  
Computer Networks ◽  
Network Flow ◽  
Large Scale ◽  
Visual Analysis ◽  
Situational Awareness ◽  
Monitoring Network ◽  
Network Activity ◽  
Flow Data ◽  
Large Scale Networks

The complexity and throughput of computer networks are rapidly increasing as a result of the proliferation of interconnected devices, data-driven applications, and remote working. Providing situational awareness for computer networks requires monitoring and analysis of network data to understand normal activity and identify abnormal activity. A scalable platform to process and visualize data in real time for large-scale networks enables security analysts and researchers to not only monitor and study network flow data but also experiment and develop novel analytics. In this paper, we introduce InSight2, an open-source platform for manipulating both streaming and archived network flow data in real time that aims to address the issues of existing solutions such as scalability, extendability, and flexibility. Case-studies are provided that demonstrate applications in monitoring network activity, identifying network attacks and compromised hosts and anomaly detection.

scholarly journals Visual Analysis of Network Flow Data with Timelines and Event Plots

2008 ◽  
pp. 85-99 ◽  
Author(s):  
D. Phan ◽  
J. Gerth ◽  
M. Lee ◽  
A. Paepcke ◽  
T. Winograd
Keyword(s):  
Network Flow ◽  
Visual Analysis ◽  
Flow Data

scholarly journals BMC-SDN: Blockchain-Based Multicontroller Architecture for Secure Software-Defined Networks

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Abdelouahid Derhab ◽  
Mohamed Guerroumi ◽  
Mohamed Belaoued ◽  
Omar Cheikhrouhou
Keyword(s):  
Network Flow ◽  
Large Scale ◽  
Flow Rule ◽  
Security Architecture ◽  
Software Defined Networks ◽  
Reputation Mechanism ◽  
Master Controller ◽  
Secure Software ◽  
Block Based ◽  
Large Scale Networks

Multicontroller software-defined networks have been widely adopted to enable management of large-scale networks. However, they are vulnerable to several attacks including false data injection, which creates topology inconsistency among controllers. To deal with this issue, we propose BMC-SDN, a security architecture that integrates blockchain and multicontroller SDN and divides the network into several domains. Each SDN domain is managed by one master controller that communicates through blockchain with the masters of the other domains. The master controller creates blocks of network flow updates, and its redundant controllers validate the new block based on a proposed reputation mechanism. The reputation mechanism rates the controllers, i.e., block creator and voters, after each voting operation using constant and combined adaptive fading reputation strategies. The evaluation results demonstrate a fast and optimal detection of fraudulent flow rule injection.

scholarly journals Directional Laplacian Centrality for Cyber Situational Awareness

2021 ◽  
Author(s):  
Sinan Aksoy ◽  
Emilie Purvine ◽  
Stephen Young
Keyword(s):  
Network Flow ◽  
Situational Awareness ◽  
A Priori ◽  
Laplacian Matrix ◽  
High Volume ◽  
Graph Laplacian ◽  
Spectral Graph Theory ◽  
Detection Methods ◽  
Flow Data ◽  
Graph Theoretic

Cyber operations is drowning in diverse, high-volume, multi-source data. In order to get a full picture of current operations and identify malicious events and actors analysts must see through data generated by a mix of human activity and benign automated processes. Although many monitoring and alert systems exist, they typically use signature-based detection methods. We introduce a general method rooted in spectral graph theory to discover patterns and anomalies without a priori knowledge of signatures. We derive and propose a new graph-theoretic centrality measure based on the derivative of the graph Laplacian matrix in the direction of a vertex. While our proposed Directional Laplacian Centrality may be applied to any graph, we study its effectiveness in identifying important Internet Protocol addresses in network flow data. Using both real and synthetic network flow data, we conduct several experiments to test our measure's sensitivity to two types of injected attack profiles.

scholarly journals Multi Comm_Plus: A Community Detection System for Identification of Community in Multi-Dimensional Networks

2016 ◽  
Vol 4 (05) ◽  
pp. 9879-9884
Author(s):  
Dhanya Sudhakaran ◽  
Shini Renjith
Keyword(s):  
Big Data ◽  
Real Time ◽  
Community Detection ◽  
Data Analytics ◽  
Selection Criteria ◽  
Large Scale ◽  
Detection System ◽  
Big Data Analytics ◽  
Detection Algorithms ◽  
Large Scale Networks

Community detection is a common problem in graph and big data analytics. It consists of finding groups of densely connected nodes with few connections to nodes outside of the group. In particular, identifying communities in large-scale networks is an important task in many scientific domains. Community detection algorithms in literature proves to be less efficient, as it leads to generation of communities with noisy interactions. To address this limitation, there is a need to develop a system which identifies the best community among multi-dimensional networks based on relevant selection criteria and dimensionality of entities, thereby eliminating the noisy interactions in a real-time environment.

scholarly journals Towards a Bio-Inspired Real-Time Neuromorphic Cerebellum

2021 ◽  
Vol 15 ◽  
Author(s):  
Petruţ A. Bogdan ◽  
Beatrice Marcinnò ◽  
Claudia Casellato ◽  
Stefano Casali ◽  
Andrew G.D. Rowley ◽  
...  
Keyword(s):  
Real Time ◽  
Large Scale ◽  
Granule Cells ◽  
Network Activity ◽  
Network Simulator ◽  
Double Precision ◽  
Simulation Speed ◽  
Neuromorphic Hardware ◽  
The Future ◽  
Spiking Activity

This work presents the first simulation of a large-scale, bio-physically constrained cerebellum model performed on neuromorphic hardware. A model containing 97,000 neurons and 4.2 million synapses is simulated on the SpiNNaker neuromorphic system. Results are validated against a baseline simulation of the same model executed with NEST, a popular spiking neural network simulator using generic computational resources and double precision floating point arithmetic. Individual cell and network-level spiking activity is validated in terms of average spike rates, relative lead or lag of spike times, and membrane potential dynamics of individual neurons, and SpiNNaker is shown to produce results in agreement with NEST. Once validated, the model is used to investigate how to accelerate the simulation speed of the network on the SpiNNaker system, with the future goal of creating a real-time neuromorphic cerebellum. Through detailed communication profiling, peak network activity is identified as one of the main challenges for simulation speed-up. Propagation of spiking activity through the network is measured, and will inform the future development of accelerated execution strategies for cerebellum models on neuromorphic hardware. The large ratio of granule cells to other cell types in the model results in high levels of activity converging onto few cells, with those cells having relatively larger time costs associated with the processing of communication. Organizing cells on SpiNNaker in accordance with their spatial position is shown to reduce the peak communication load by 41%. It is hoped that these insights, together with alternative parallelization strategies, will pave the way for real-time execution of large-scale, bio-physically constrained cerebellum models on SpiNNaker. This in turn will enable exploration of cerebellum-inspired controllers for neurorobotic applications, and execution of extended duration simulations over timescales that would currently be prohibitive using conventional computational platforms.

scholarly journals Bayesian dynamic modeling and monitoring of network flows

2019 ◽  
Vol 7 (3) ◽  
pp. 292-318 ◽  
Author(s):  
Xi Chen ◽  
David Banks ◽  
Mike West
Keyword(s):  
Time Series ◽  
Dynamic Modeling ◽  
Network Flow ◽  
Large Scale ◽  
Sequential Analysis ◽  
Linear Models ◽  
Network Flows ◽  
Dynamic Network ◽  
Dynamic Network Flow ◽  
Large Scale Networks

AbstractIn the context of a motivating study of dynamic network flow data on a large-scale e-commerce website, we develop Bayesian models for online/sequential analysis for monitoring and adapting to changes reflected in node–node traffic. For large-scale networks, we customize core Bayesian time series analysis methods using dynamic generalized linear models (DGLMs). These are integrated into the context of multivariate networks using the concept of decouple/recouple that was recently introduced in multivariate time series. This method enables flexible dynamic modeling of flows on large-scale networks and exploitation of partial parallelization of analysis while maintaining coherence with an over-arching multivariate dynamic flow model. This approach is anchored in a case study on Internet data, with flows of visitors to a commercial news website defining a long time series of node–node counts on over 56,000 node pairs. Central questions include characterizing inherent stochasticity in traffic patterns, understanding node–node interactions, adapting to dynamic changes in flows and allowing for sensitive monitoring to flag anomalies. The methodology of dynamic network DGLMs applies to many dynamic network flow studies.

Sign in / Sign up

Export Citation Format

Share Document