Skip to main content
Skip to "About government"
Language selection
Français
Government of Canada /
Gouvernement du Canada
Search
Search the website
Search
Menu
Main
Menu
Jobs and the workplace
Immigration and citizenship
Travel and tourism
Business and industry
Benefits
Health
Taxes
Environment and natural resources
National security and defence
Culture, history and sport
Policing, justice and emergencies
Transport and infrastructure
Canada and the world
Money and finances
Science and innovation
You are here:
Canada.ca
Library and Archives Canada
Services
Services for galleries, libraries, archives and museums (GLAMs)
Theses Canada
Item – Theses Canada
Page Content
Item – Theses Canada
OCLC number
711935230
Link(s) to full text
LAC copy
LAC copy
Author
Taylor, Terry Scott.
Title
FloVis : a network security visualization framework.
Degree
M.C. Sc. -- Dalhousie University, 2009
Publisher
Ottawa : Library and Archives Canada = Bibliothèque et Archives Canada, [2010]
Description
1 microfiche
Notes
Includes bibliographical references.
Abstract
Security analysts examine gigabytes of network data on a daily basis looking for signs of intrusive behaviour. Command-line tools such as the System for Internet-Level Knowledge (SiLK) tool suite are helpful but the volume of data makes analysis difficult. We present the FloVis Netflow Visualization Framework, an extensible visualization platform meant to compliment tools such as SiLK for network analysis. Visualization is compelling because it allows the user to view significant portions of data at once and utilize his/her high bandwidth vision and pattern matching abilities for rapid data analysis. FloVis is unique because visualizations are dynamically loaded plugins within the framework, meaning that new visualizations can be added to the system as desired. In this thesis, we discuss the general framework along with three such plugins: FlowBundle, NetBytes Viewer and the SiLK Query Tool. FlowBundle shows connections between hosts on a network using bundling and node aggregation in order to reduce occlusion; NetBytes Viewer provides detailed host volume information per port/protocol over a time period using a 3D impulse graph; and, the SiLK Query Tool is a graphical front-end to the SiLK analysis tools for viewing raw NetFlow records in a tabular form. The system supports drill down and interaction between the different visualizations so that users can see the data in various ways. In addition to describing the existing state of FloVis, the thesis also discusses case studies as well as an informal user study. Finally, a discussion of the future direction of the framework is offered.
ISBN
9780494502853
0494502851
Date modified:
2022-09-01