Electronic versions

One of the goals of network administrators is to identify and block sources of attacks from a network steam. Various tools have been developed to help the administrator identify the IP or subnet to be blocked, however these tend to be non-visual. Having a good perception of the wider network can aid the administrator identify their origin, but while network maps of the Internet can be useful for such endeavors, they are difficult to construct, comprehend and even utilize in an attack, and are often referred to as being “hairballs”. We present a visualization technique that displays pathways back to the attacker; we include all potential routing paths with a best-efforts identification of the commercial relationships involved. These two techniques can potentially highlight common pathways and/or networks to allow faster, more complete resolution to the incident, as well as fragile or incomplete routing pathways to/from a network. They can help administrators re-profile their choice of IP transit suppliers to better serve a target audience.
Original languageEnglish
DOIs
Publication statusPublished - 2 Nov 2015
EventVisualization for Cyber Security (VizSec), 2015 IEEE Symposium on - Chicago, United States
Duration: 25 Oct 201525 Oct 2015
http://ieeexplore.ieee.org/document/7312769/

Conference

ConferenceVisualization for Cyber Security (VizSec), 2015 IEEE Symposium on
Abbreviated titleVizSec
CountryUnited States
CityChicago
Period25/10/1525/10/15
Internet address
View graph of relations