Realizing operational analytics solutions where large and complex data must be analyzed in a time-critical fashion entails integrating many different types of technology. This paper focuses on an interdisciplinary combination of scientific data management and visualization/analysis technologies targeted at reducing the time required for data filtering, querying, hypothesis testing and knowledge discovery in the domain of network connection data analysis. We show that use of compressed bitmap indexing can quickly answer queries in an interactive visual data analysis application, and compare its performance with two alternatives for serial and parallel filtering/querying on 2.5 billion records' worth of network connection data collected over a period of 42 weeks. Our approach to visual network connection data exploration centers on two primary factors: interactive ad-hoc and multiresolution query formulation and execution over n dimensions, and visual display of the n-dimensional histogram results. This combination is applied in a case study to detect a distributed network scan and to then identify the set of remote hosts participating in the attack. Our approach is sufficiently general to be applied to a diverse set of data understanding problems as well as used in conjunction with a diverse set of analysis and visualization tools.
Description
Welcome to IEEE Xplore 2.0: Accelerating Network Traffic Analytics Using Query-Driven Visualization
%0 Journal Article
%1 4035755
%A Bethel, E.W.
%A Campbell, S.
%A Dart, E.
%A Stockinger, K.
%A Wu, Kesheng
%D 2006
%J Visual Analytics Science And Technology, 2006 IEEE Symposium On
%K ad-hoc analysis, analytics, bitmap connection data discovery, filtering, formulation, hypothesis indexing, interactive knowledge management mining, multiresolution network query query-driven scientific security, telecommunication testing, traffic trafficcompressed visual visualisation, visualization,
%P 115-122
%R 10.1109/VAST.2006.261437
%T Accelerating Network Traffic Analytics Using Query-Driven Visualization
%X Realizing operational analytics solutions where large and complex data must be analyzed in a time-critical fashion entails integrating many different types of technology. This paper focuses on an interdisciplinary combination of scientific data management and visualization/analysis technologies targeted at reducing the time required for data filtering, querying, hypothesis testing and knowledge discovery in the domain of network connection data analysis. We show that use of compressed bitmap indexing can quickly answer queries in an interactive visual data analysis application, and compare its performance with two alternatives for serial and parallel filtering/querying on 2.5 billion records' worth of network connection data collected over a period of 42 weeks. Our approach to visual network connection data exploration centers on two primary factors: interactive ad-hoc and multiresolution query formulation and execution over n dimensions and visual display of the n-dimensional histogram results. This combination is applied in a case study to detect a distributed network scan and to then identify the set of remote hosts participating in the attack. Our approach is sufficiently general to be applied to a diverse set of data understanding problems as well as used in conjunction with a diverse set of analysis and visualization tools
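% Conference paper from the 2006 IEEE Symposium on Visual Analytics Science and Technology.
% Changes from the exported record: the entry type is inproceedings with the venue in
% booktitle (the export filed the symposium under journal, in inverted word order); the
% page range uses a double hyphen; the glued initials are spaced; month is normalised to
% the oct macro. The export's month value was "31 2006-Nov. 2", a truncated date range
% that starts on the 31st and ends on Nov. 2, so it starts in October.
% The added-at, biburl, description, interhash, intrahash and timestamp fields are
% BibSonomy bookkeeping; bibliography styles that do not know them skip them.
% The keywords field is kept exactly as exported; its multi-word terms were split and
% re-sorted upstream and cannot be reassembled reliably from this record.
@inproceedings{4035755,
  author      = {Bethel, E. W. and Campbell, S. and Dart, E. and Stockinger, K. and Wu, Kesheng},
  title       = {Accelerating Network Traffic Analytics Using Query-Driven Visualization},
  booktitle   = {2006 {IEEE} Symposium on Visual Analytics Science and Technology},
  pages       = {115--122},
  month       = oct,
  year        = 2006,
  doi         = {10.1109/VAST.2006.261437},
  keywords    = {ad-hoc analysis, analytics, bitmap connection data discovery, filtering, formulation, hypothesis indexing, interactive knowledge management mining, multiresolution network query query-driven scientific security, telecommunication testing, traffic trafficcompressed visual visualisation, visualization,},
  abstract    = {Realizing operational analytics solutions where large and complex data must be analyzed in a time-critical fashion entails integrating many different types of technology. This paper focuses on an interdisciplinary combination of scientific data management and visualization/analysis technologies targeted at reducing the time required for data filtering, querying, hypothesis testing and knowledge discovery in the domain of network connection data analysis. We show that use of compressed bitmap indexing can quickly answer queries in an interactive visual data analysis application, and compare its performance with two alternatives for serial and parallel filtering/querying on 2.5 billion records' worth of network connection data collected over a period of 42 weeks. Our approach to visual network connection data exploration centers on two primary factors: interactive ad-hoc and multiresolution query formulation and execution over n dimensions, and visual display of the n-dimensional histogram results. This combination is applied in a case study to detect a distributed network scan and to then identify the set of remote hosts participating in the attack. Our approach is sufficiently general to be applied to a diverse set of data understanding problems as well as used in conjunction with a diverse set of analysis and visualization tools.},
  description = {Welcome to IEEE Xplore 2.0: Accelerating Network Traffic Analytics Using Query-Driven Visualization},
  biburl      = {https://www.bibsonomy.org/bibtex/2c2aa48304252d53404516af9c18cb46c/flykeysky},
  interhash   = {e0c1635b1019905f153cfe5ae6fe6a34},
  intrahash   = {c2aa48304252d53404516af9c18cb46c},
  added-at    = {2009-02-06T13:12:40.000+0100},
  timestamp   = {2009-02-06T13:12:40.000+0100},
}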