OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Interactive Analysis of Large Network Data Collections Using Query-Driven Visualization

Abstract

Realizing operational analytics solutions where large and complex data must be analyzed in a time-critical fashion entails integrating many different types of technology. Considering the extreme scale of contemporary datasets, one significant challenge is to reduce the duty cycle in the analytics discourse process. This paper focuses on an interdisciplinary combination of scientific data management and visualization/analysis technologies targeted at reducing the duty cycle in hypothesis testing and knowledge discovery. We present an application of such a combination in the problem domain of network traffic data analysis. Our performance experiment results, including both serial and parallel scalability tests, show that the combination can dramatically decrease the analytics duty cycle for this particular application. The combination is effectively applied to the analysis of network traffic data to detect slow and distributed scans, which is a difficult-to-detect form of cyber attack. Our approach is sufficiently general to be applied to a diverse set of data understanding problems as well as used in conjunction with a diverse set of analysis and visualization tools.

Authors:
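Bethel, E. Wes; Campbell, Scott; Dart, Eli; Lee, Jason; Smith, Steven A.; Stockinger, Kurt; Tierney, Brian; Wu, Kesheng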
Publication Date:
Research Org.:
Ernest Orlando Lawrence Berkeley National Laboratory, Berkeley, CA (US)
Sponsoring Org.:
USDOE Director. Office of Science. Advanced Scientific Computing Research; Department of Homeland Security National Visualization and Analytics Center, National Nuclear Security Administration
OSTI Identifier:
891627
Report Number(s):
LBNL-59166
R&D Project: K11107; BnR: KJ0101030; TRN: US200622%%269
DOE Contract Number:  
DE-AC02-05CH11231
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; DATA ANALYSIS; HYPOTHESIS; MANAGEMENT; PERFORMANCE; TESTING; interactive data exploration and discovery multivariate visualization security traffic analysis query-driven visualization

Citation Formats

Bethel, E. Wes, Campbell, Scott, Dart, Eli, Lee, Jason, Smith, Steven A., Stockinger, Kurt, Tierney, Brian, and Wu, Kesheng. Interactive Analysis of Large Network Data Collections Using Query-Driven Visualization. United States: N. p., 2005. Web. doi:10.2172/891627.
Bethel, E. Wes, Campbell, Scott, Dart, Eli, Lee, Jason, Smith, Steven A., Stockinger, Kurt, Tierney, Brian, & Wu, Kesheng. Interactive Analysis of Large Network Data Collections Using Query-Driven Visualization. United States. doi:10.2172/891627.
Bethel, E. Wes, Campbell, Scott, Dart, Eli, Lee, Jason, Smith, Steven A., Stockinger, Kurt, Tierney, Brian, and Wu, Kesheng. Thu . "Interactive Analysis of Large Network Data Collections Using Query-Driven Visualization". United States. doi:10.2172/891627. https://www.osti.gov/servlets/purl/891627.
@article{osti_891627,
title = {Interactive Analysis of Large Network Data Collections Using Query-Driven Visualization},
author = {Bethel, E. Wes and Campbell, Scott and Dart, Eli and Lee, Jason and Smith, Steven A. and Stockinger, Kurt and Tierney, Brian and Wu, Kesheng},
abstractNote = {Realizing operational analytics solutions where large and complex data must be analyzed in a time-critical fashion entails integrating many different types of technology. Considering the extreme scale of contemporary datasets, one significant challenge is to reduce the duty cycle in the analytics discourse process. This paper focuses on an interdisciplinary combination of scientific data management and visualization/analysis technologies targeted at reducing the duty cycle in hypothesis testing and knowledge discovery. We present an application of such a combination in the problem domain of network traffic data analysis. Our performance experiment results, including both serial and parallel scalability tests, show that the combination can dramatically decrease the analytics duty cycle for this particular application. The combination is effectively applied to the analysis of network traffic data to detect slow and distributed scans, which is a difficult-to-detect form of cyber attack. Our approach is sufficiently general to be applied to a diverse set of data understanding problems as well as used in conjunction with a diverse set of analysis and visualization tools.},
doi = {10.2172/891627},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2005},
month = {12}
}