interface | Complex Data Visualized

11 articles Tag interface

Inside AT&T Network Operation Center

by Johannes Landstorfer on June 2, 2013, 0 comments

Every time we go online, make a phone call, send an SMS, we use the networks of large operators. These are large technical constructions and they need permanent monitoring and maintenance to work as we expect (which is: we don’t notice they are even there).

Network Operations Centers (NOC) are the institutions where network operators concentrate experts and technology to permanently check parameters of the networks, fix problems, and detect malfunctions and malware. Through their unique position, these NOCs are usually heavily shielded from the outside world.

This video gives a short insight into the Global NOC of AT&T (Bedminster, NJ), including a glimpse on their visualisations and an interview with Chuck Kerschner (Director of Network Operations at AT&T).

Friedmann and Kerschner in front of the video wall of the AT&T GNOC

Although Lex Friedman of TechHive asks the “right questions” (i.e. the questions we have as well), the answers are often a bit short and too general to learn a lot from them. Still, an interesting video for inspiration.

View on the large shared dashboard at AT&T (in the video at 1:20)

A little more detais are availble here as audio, and in an WSJ article about a specialist working at AT&T to prepare for unusual traffic spikes.

Even closer to the SASER/Siegfried project are (Information) Security Operations Centers (SOCs) – note that Kerschner is mostly concerned with storms or technical outages, not with security threats like viruses or botnets. Steve Roderick is the colleague at the AT&T center responsible for security.

Tags: collaboration, implementation, interface, network, user needs, visualization

Google+ Ripples

by Jan-Erik Stange on April 18, 2013, 0 comments

Google+ Ripples is a visualization of the spread of public posts in the social network Google+. Signed-up members of Google+ can select any public post and have a look at the spread of the post through the network. Only reposts that are set to public are shown in this visualization, so the visualization doesn’t show the reposts of people in their private circles.
The selected post is shown in the middle of the visualization. Reposts are represented by circles labeled with the person’s name that shared the post. Arrows show which person shared which post. If a shared post is shared again, the shared’s post circle becomes bigger. The spread of a message over time can be observed by using the timeline slider at the bottom of the diagram. It is also possible to zoom into diagram, which becomes very helpful when looking at posts that were reposted a lot of times.
The circles have different colors assigned, though it is not clear to me, what these are expressing.

I think generally this is an interesting approach of visualizing “contagion” in a network. It clearly identifies people that are more “contagious” than other people, which could be explained by these people having more social ties in the social network, having something like a leadership role or it could just mean that these people’s friends are more interested in the topic than other people’s friends that didn’t reshare their post. The zoomable user interface is a good way of providing focus and context by interaction. It allows for quite large numbers of elements to be displayed hiding detail information when it is zoomed out, providing more and more information with every zoom-in step.
Some aspects of the interface are worth discussing: For example, why do the circles of reshared posts have to be that large taking away a lot of space? Posts that reshare a post don’t necessarily have to be inside the circle. Also the interface could show all the reposts including the privately shared without providing the name of the sharing person.

Tags: hierarchy, infosthetics, Interactive, interface, network, social network, tree, visualization, web

Stanford Dissertation Browser

by admin on April 3, 2013, 0 comments

Stanford-Dissertation-Browser-electrical-engineering-625x608 The Stanford Dissertation Browser is an interactive tool to explore similarities between different fields of study at Stanford University by examining the language used in the different PhD publications. Fields of study are arranged around a circle with one field of study in the centre. For the subject in the centre similarities with other fields are shown by the distance to the centre. The closer the circles, the more common the language these fields share.

For example, if you select Electrical Engineering the field Computational Science will move close to the centre, which is not a big surprise. When selecting Music, however, Computational Science also moves very close to the centre. Something you might not expect, at least not to this degree. With a slider at the bottom different years can be selected. The different years are shown all the time in the diagram by very subtle grey circles, which display year and field of study, if you hover over them. In this way you get an overview over the distribution over time and can get more details by moving the timeline slider to select specific years.

This way of visualizing a network is similar to the method the research group Research on Complex Systems at Northwestern University used in their visualization of the structural change in the international flight network. In a similar manner, one particular node was put into focus, surrounding nodes being closer to this node when these two nodes were strongly connected by many links. The same ist the case with the different fields of study. The more words they share, the more connections or links are there between these fields, moving them closer together.

Tags: graph, infosthetics, Interactive, interface, network, science, tool, visualization, web

The Power Rank

by admin on March 12, 2013, 0 comments

ThePowerNode

The Power Rank is a visualization of the chances of winning for all the basketball teams participating in the NCAA Tournament. The teams are organized around a circle grouped by the region they are from. In the center of the circle you can see all the games of the tournament represented by dots. These are connected to the different teams that could possibly take part in the game. When hovering over these dots, the teams get highlighted and the probability of being the winner of this particular game is shown at the team’s label with a percentage value. You can also hover over particular teams to show what the corresponding chances of winning are in the different games leading to the final (which is the dot in the middle).

This visualization is rather uncommon in that it shows a hierarchy in the middle of the circle with a treelike structure. Of course this is a visualization that can handle only a certain amount of data because the space is limited by the circle.

Tags: diagram, hierarchy, infosthetics, Interactive, interface, tree, visualization, web

LogRhythm

by admin on February 7, 2013, 0 comments

LogRhythm is a SIEM that can be applied either in smaller organizations as a single software instance or in midsize to large organizations as a combination of different software applications. It offers log management, event management, reporting, user and file integrity monitoring. The product is easily and quickly deployed due to a helpful configuration wizard. Though LogRhythm is capable of event correlation, compared to its competitors it’s very basic and optimized for the most common use cases. Gartner has positioned the product in their Magic Quadrant for Security Information and Event Management as one of the leaders.

Tags: alerts, commercial, dashboard, desktop, Interactive, interface, network, security, SIEM, tool

Sentinel, Security Manager (NetIQ)

by admin on February 6, 2013, 0 comments

NetIQ Sentinel

The company NetIQ offers two SIEM solutions: Sentinel and Security Manager. Sentinel is a product originally offered by Novell. With the recent acquisition of the company by NetIQ there are two products overlapping in their functionality. In the future all functionality will be merged into the Sentinel solution. Sentinel’s strength lies in event correlation and real-time event management. Security Manager lacks this functionality and focuses more on host- and agentbased monitoring capabilities for server platforms, something missing in most SIEMs. Sentinel is a leader in the Gartner Magic Quadrant 2012

Tags: alerts, commercial, dashboard, desktop, Interactive, interface, network, security, SIEM, tool

Q1 Labs (IBM)

by admin on February 6, 2013, 0 comments

IBM offers an extensive security system solution called Q1 Labs. This includes several products for different security aspects, like, for example, QRadar Log Manager for collecting, archiving and analyzing network and security event logs or QRadar SIEM for real-time analysis of security alerts and correlating data from different sources to detect any threats. The product distinguishes itself from other products by its ability to collect and process NetFlow data, by deep packet inspection (DPI) and behavior analysis for all supported event sources. According to Gartner it can be considered one of the leaders in the field (Gartner 2012).

QRadar SIEM Dashboard

Tags: alerts, commercial, dashboard, interface, network, security, SIEM, tool

Splunk

by admin on January 28, 2013, 0 comments

splunk_dashboard 2

Splunk is a general tool for analysing data in huge IT infrastructures. It consists of different tools that can be utilized in different contexts. With the “Splunk App for Enterprise Security” potential threats and security incidents can be observed, analysed and classified. Users of the app are presented with a web dashboard that visualizes different aspects of the network.

Tags: alerts, attack, commercial, dashboard, diagram, interface, network, security, tool, visualization, web

Snort – Intrusion Detection System

by admin on January 28, 2013, 1 comment

snorby2

BASE

Snort is an open source intrusion detection/prevention system (IDS/IPS) developed by Sourcefire. It is the most used IDS/IPS worldwide. Snort alone has no GUI to interact with, but it’s possible to connect several other Network Security Monitoring systems with it, like Snorby, BASE, OSSIM.

Tags: dashboard, IDS, Interactive, interface, network, security, visualization, web

ACARM WUI

by admin on January 28, 2013, 0 comments

ACARM_Heatmap

ACARM (Alert Correlation, Assessment and Reaction Module) is a tool that correlates alerts sent by host and network sensors into groups and in that way reducing the amount of messages that need to be viewed by a sytem administrator. There is a Web GUI that let’s the admin observe the different kinds of alerts with different graphical representations like, for example, pie charts, bar charts or more advanced. Different kinds of alerts are color coded on a color scale from green to red, green being just information, while red being critical.

Tags: alerts, attack, heatmap, Interactive, interface, security, tool, visualization, web

← older entries

Complex Data Visualized

Survey of interfaces and visualizations of complex networks