Title: Advances in network topology security visualisation

Authors: Joao Paulo S. Medeiros, Agostinho M. Brito Jr., Paulo S. Motta Pires, Selan R. Dos Santos

Addresses: Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, 59078-970, Natal/RN, Brazil; Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, 59078-970, Natal/RN, Brazil; Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, 59078-970, Natal/RN, Brazil; Department of Informatics and Applied Mathematics, Federal University of Rio Grande do Norte, 59078-970, Natal/RN, Brazil

Abstract: The pervasive aspect of the internet increases the demand for tools that support both monitoring and auditing of security aspects in computer networks. Ideally, these tools should provide a clear and objective presentation of security data in such a way as to let network administrators detect or even predict network security breaches. However, most of these data are still presented only in raw text form or through inadequate data presentation techniques. Our work addresses this problem by designing and developing a tool that aims at integrating several information visualisation techniques in an effective and expressive visualisation. We also present a novel method that detects OpenBSD PF SYN Proxy and Honeyd. The detection of Honeyd improves the visualisation content by assuring that the presented data is not fake, and the OpenBSD PF SYN Proxy detection shows which nodes are safe from TCP SYN flooding attacks and improves firewall detection. We have tested our tool in the context of network security, presenting two case studies that demonstrate important features such as scalability and detection of critical network security issues.

Keywords: network security visualisation; network topology discovery; Honeyd; SYN proxy detection; flooding attacks; firewall detection; information visualisation.

DOI: 10.1504/IJSSE.2009.031347

International Journal of System of Systems Engineering, 2009 Vol.1 No.4, pp.387 - 400

Published online: 01 Feb 2010
