By Topic

Network, IEEE

Issue 6 • Date November-December 2012

Filter Results

Displaying Results 1 - 15 of 15
  • IEEE Network [Cover]

    Page(s): c1
    Save to Project icon | Request Permissions | PDF file iconPDF (2675 KB)  
    Freely Available from IEEE
  • Table of contents

    Page(s): 1
    Save to Project icon | Request Permissions | PDF file iconPDF (82 KB)  
    Freely Available from IEEE
  • Editor's note

    Page(s): 2
    Save to Project icon | Request Permissions | PDF file iconPDF (309 KB)  
    Freely Available from IEEE
  • Computer network visualization [Guest Editorial]

    Page(s): 4 - 5
    Save to Project icon | Request Permissions | PDF file iconPDF (344 KB)  
    Freely Available from IEEE
  • The future of security visualization: Lessons from network visualization

    Page(s): 6 - 11
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (3320 KB) |  | HTML iconHTML  

    Approaches in security visualization have made significant progress in addressing challenges in the ever changing landscape of network security. However, many approaches are limited in both scope and scale, especially when we consider the complexity of the complete security analysis process. In this article, we review several notable recent systems in security visualization, examining their relative strengths and limitations. We then show that recent research in general network visualization, which often deals with domains other than security, provides new visual metaphors and interaction techniques that will help address limitations in security visualization systems. We examine several of these network visualization approaches in detail, and discuss how they can be applied to meet the challenges of the next generation of security visualization systems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Alertwheel: radial bipartite graph visualization applied to intrusion detection system alerts

    Page(s): 12 - 18
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (4837 KB) |  | HTML iconHTML  

    Intrusion detection systems, or IDSs, are network security tools that generate huge quantities of information which are challenging to analyze. Information visualization is essential for efficiently parsing these data to discover the underlying causes of computer security breaches. AlertWheel is a user interface featuring a novel radial overview visualization, as well as filtering, drilling down, and saving and annotating subsets of data, to support the workflow of real network defense analysts. In designing AlertWheel, we identified new ways of displaying bipartite graphs (i.e., network diagrams showing links between two sets of nodes). The links in AlertWheel's visualizations are positioned and shaped to avoid occlusion of data, and three different edge bundling techniques are used to reduce clutter. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Navigating and visualizing the malware intelligence space

    Page(s): 19 - 25
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1476 KB) |  | HTML iconHTML  

    There is now a shift from traditional Cyber Security to Cyber Intelligence. We are only beginning to leverage the intelligence that can be extracted from the thousands of malware samples that are currently being gathered on a daily basis. By automatically creating analysis reports for each of these malware samples, it is possible to improve our understanding of the current cyber security situation on the Internet and of how malware evolves over time. However, research is still required in order to extract, summarize, and present this information to leverage its full potential. In this article, we present two approaches to navigate and visualize what we call the Malware Intelligence Space (i.e., the documentation of millions of malware samples). The first approach, called BeAVER, was built to navigate the Malware Intelligence Space. The second approach, called Malware Threat Radar, was designed to visualize relationships between malware samples and their evolution over time. We also present the technological detail of our implementation prototypes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • I can see for miles: Re-visualizing the internet

    Page(s): 26 - 32
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (2104 KB) |  | HTML iconHTML  

    The visual representation of a network shows us far more than where nodes are or what types of network links connect them. A network map tells us the information its authors thought was important, and in doing so tells us what message they wished to convey, the level of technical detail they wished to share, and their ability to express this. We have collected a large set of publicly available network maps from a range of operators, countries, and times, and manually transcribed them into a portable data format. The result is a large store of network topology data and associated metadata. In this article we discuss some of the lessons learned both in collecting this data, and in what it can teach us about the priorities of network map makers. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Visual analytics for BGP monitoring and prefix hijacking identification

    Page(s): 33 - 39
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (2555 KB) |  | HTML iconHTML  

    The control plane of the Internet relies entirely on BGP as the interdomain routing protocol to maintain and exchange routing information between large network providers and their customers. However, an intrinsic vulnerability of the protocol is its inability to validate the integrity and correctness of routing information exchanged between peer routers. As a result, it is relatively easy for people with malicious intent to steal legitimate IP blocks through an attack known as prefix hijacking, which essentially consists of injecting bogus routing information into the system to redirect or subvert network traffic. In this article, we give a short survey of visualization methods that have been developed for BGP monitoring, in particular for the identification of prefix hijacks. Our goal is to illustrate how network visualization has the potential to assist an analyst in detecting abnormal routing patterns in massive amounts of BGP data. Finally, we present an analysis of a real validated case of prefix hijacking, which took place between April and August 2011. We use this hijack case study to illustrate the ongoing work carried out in VIS-SENSE, a European research project that leverages visual analytics to develop more effective tools for BGP monitoring and prefix hijack detection. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Contextualized monitoring and root cause discovery in IPTV systems using data visualization

    Page(s): 40 - 46
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (4051 KB) |  | HTML iconHTML  

    This article describes the architecture and design of an IPTV network monitoring system and some of the use cases it enables. The system is based on distributed agents within IPTV terminal equipment (set-top box), which collect and send the data to a server where it is analyzed and visualized. In the article we explore how large amounts of collected data can be utilized for monitoring the quality of service and user experience in real time, as well as for discovering trends and anomalies over longer periods of time. Furthermore, the data can be enriched using external data sources, providing a deeper understanding of the system by discovering correlations with events outside of the monitored domain. Four supported use cases are described, among them using weather information for explaining away the IPTV quality degradation. The system has been successfully deployed and is in operation at the Slovenian IPTV provider Telekom Slovenije. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Wireless network deployment in the smart grid: Design and evaluation issues

    Page(s): 48 - 53
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (245 KB) |  | HTML iconHTML  

    The projected use of the power grid for "smart" applications such as advanced metering and distributed automation will require highly reliable, secure, well designed and managed communication networks. While many of the benefits of wireless communications, such as untethered access to information, support for mobility, and reduced infrastructure, would be available to the grid, there are still a number of unanswered questions regarding network performance, suitability, and security. In this article, we introduce the communication requirements that have been established for these applications thus far. Throughout, we highlight the implications of wireless deployment as it relates specifically to the smart grid and we identify key issues that must be considered when evaluating a wireless technology against the communication requirements. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Cellular-based machine-to-machine: overload control

    Page(s): 54 - 60
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (637 KB) |  | HTML iconHTML  

    One of the most important problems posed by cellular-based machine type communications is congestion. Congestion concerns all the parts of the network, both the radio and the core network impacting both the user data plane and the control plane. In this article, we address the problem of congestion in machine type communications. We propose a congestion-aware admission control solution that selectively rejects signaling messages from MTC devices at the radio access network following a probability that is set based on a proportional integrative derivative controller reflecting the congestion level of a relevant core network node. We evaluate the performance of our proposed solution using computer simulations. The obtained results are encouraging. In fact, we succeed in reducing the amount of signaling while maintaining a target utilization ratio of resources in the core network. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Energy efficiency in passive optical networks: where, when, and how?

    Page(s): 61 - 68
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (187 KB) |  | HTML iconHTML  

    This article provides an overview of current efforts in reducing energy consumption in passive optical access networks. Both ITU-T and IEEE standardized PONs are considered. The current solutions proposed by standardization authorities, industry, and academia are classified based on the layer they address in the standardized architectures: physical layer, data link layer, and hybrid. Then, the article provides answers to major questions, such as where, when, and how to reduce PON energy consumption in TDM PONs by means of a quantitative evaluation. Results show that to reduce energy consumption, ONUs must be provided with physical devices that are not only power-efficient but also provide improved services (e.g., fast synchronization) to upper layers. For this latter purpose, novel physical ONU architectures are proposed to speed up the synchronization process and enable effective data link layer solutions. Finally, the feasibility of switching ONUs to low power mode in idle slots is assessed through a testbed implementation. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Toward secure and effective data utilization in public cloud

    Page(s): 69 - 74
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (348 KB) |  | HTML iconHTML  

    Cloud computing enables a promising paradigm of data service outsourcing, where data owners can avoid committing large capital outlays by economically storing their data to public data centers for the convenient management of data storage and utilization. Despite the tremendous benefits, outsourcing data to the commercial public cloud also opens the door for unsolicited data access in the cloud and beyond. Thus, enabling a secure and effective cloud data utilization service is of paramount importance. Given the large number of data users and huge amount of outsourced cloud data, this problem is particularly challenging as it is extremely difficult to also meet the practical requirements of performance, system usability, and high-level user searching experiences. This article investigates these challenges and in particular defines the problem of fuzzy keyword search over encrypted cloud data, which aims at accommodating various typos and representation inconsistencies in different user searching input for acceptable system usability and overall user searching experience, while protecting keyword privacy. In order to further enrich the application spectrum, we also demonstrate how the notion of fuzzy search naturally supports similarity search, a fundamental and powerful tool that is widely used in information retrieval. We describe the challenges that are not yet met by existing techniques, and discuss the research directions and possible technical approaches for these new search functionalities to become a reality. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Arabian nights: measuring the arab internet during the 2011 events

    Page(s): 75 - 80
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (253 KB) |  | HTML iconHTML  

    The major turmoils in the Arab world since the beginning of 2011 were largely driven by social networks and are often referred to as the "Arab Spring." One of the methods used by rulers to mitigate the unrest is "shutting down" the Internet in their country. In this article we describe active measurements conducted during 2011 of several Arab countries, and analyze the changes in the network. These events provide a unique opportunity to measure features of the network that are otherwise hard to track, such as static or default BGP routes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

IEEE Network covers topics which include: network protocols and architecture; protocol design and validation; communications software; network control, signaling and management; network implementation (LAN, MAN, WAN); and micro-to-host communications.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Xuemin (Sherman) Shen, PhD
Engineering University of Waterloo