Using relational graphs for exploratory analysis of network
traffic data

J 2023

Using relational graphs for exploratory analysis of network traffic data

ČERMÁK, Milan; Tatiana FRITZOVÁ; Vít RUSŇÁK a Denisa ŠRÁMKOVÁ

Základní údaje

Originální název

Using relational graphs for exploratory analysis of network traffic data

Autoři

ČERMÁK, Milan; Tatiana FRITZOVÁ; Vít RUSŇÁK a Denisa ŠRÁMKOVÁ

Vydání

Forensic Science International: Digital Investigation, 2023, 2666-2825

Další údaje

Jazyk

angličtina

Typ výsledku

Článek v odborném periodiku

Obor

10201 Computer sciences, information science, bioinformatics

Stát vydavatele

Spojené státy

Utajení

není předmětem státního či obchodního tajemství

Odkazy

URL

Označené pro přenos do RIV

Ano

Kód RIV

RIV/00216224:14610/23:00130589

Organizační jednotka

Ústav výpočetní techniky

Klíčová slova anglicky

Relational analytics;Network forensics;Visual analytics;Granef;Cybersecurity

Štítky

rivok

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 5. 4. 2024 11:08, Mgr. Alena Mokrá

Anotace

V originále

The human brain is designed to perceive the surrounding world as associations. These associations between the individual pieces of information allow us to analyze and categorize new inputs and thus understand them. However, the support for association-based analysis in traditional network analysis tools is only limited or not present at all. These tools are mostly based on manual browsing, filtering, and aggregation, with only basic support for statistical analyses and visualizations for communicating the general characteristics. Yet, it is the relationship diagram that could allow the analysts to get a broader context and reveal the associations hidden in the data. In this paper, we explore the possibilities of relational analysis as a novel paradigm for network forensics. We provide a set of user requirements based on the discussion with domain experts and introduce a novel visual analysis tool utilizing multimodal graphs for modeling relationships between entities from captured packet traces. Finally, we demonstrate the relational analysis process on two use cases and discuss feedback from domain experts.

Návaznosti

EF16_019/0000822, projekt VaV

Název: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Přiložené soubory

2023-DFRWS-USA-Using_Relational_Graphs_for_Exploratory_Analysis_of_Network_Traffic_Data-Paper.pdf

2023-DFRWS-USA-Using_Relational_Graphs_for_Exploratory_Analysis_of_Network_Traffic_Data-Presentation.pdf

Citovat

ČERMÁK, Milan; Tatiana FRITZOVÁ; Vít RUSŇÁK a Denisa ŠRÁMKOVÁ. Using relational graphs for exploratory analysis of network traffic data. Forensic Science International: Digital Investigation. 2023, roč. 45, S, s. 1-10. ISSN 2666-2825. Dostupné z: https://doi.org/10.1016/j.fsidi.2023.301563.

@article{2275258,
   author = {Čermák, Milan and Fritzová, Tatiana and Rusňák, Vít and Šrámková, Denisa},
   article_number = {S},
   doi = {https://doi.org/10.1016/j.fsidi.2023.301563},
   keywords = {Relational analytics;Network forensics;Visual analytics;Granef;Cybersecurity},
   language = {eng},
   issn = {2666-2825},
   journal = {Forensic Science International: Digital Investigation},
   title = {Using relational graphs for exploratory analysis of network traffic data},
   url = {https://doi.org/10.1016/j.fsidi.2023.301563},
   volume = {45},
   year = {2023}
}

TY  - JOUR
ID  - 2275258
AU  - Čermák, Milan - Fritzová, Tatiana - Rusňák, Vít - Šrámková, Denisa
PY  - 2023
TI  - Using relational graphs for exploratory analysis of network traffic data
JF  - Forensic Science International: Digital Investigation
VL  - 45
IS  - S
SP  - 1-10
EP  - 1-10
SN  - 26662825
KW  - Relational analytics;Network forensics;Visual analytics;Granef;Cybersecurity
UR  - https://doi.org/10.1016/j.fsidi.2023.301563
N2  - The human brain is designed to perceive the surrounding world as associations. These associations between the individual pieces of information allow us to analyze and categorize new inputs and thus understand them. However, the support for association-based analysis in traditional network analysis tools is only limited or not present at all. These tools are mostly based on manual browsing, filtering, and aggregation, with only basic support for statistical analyses and visualizations for communicating the general characteristics. Yet, it is the relationship diagram that could allow the analysts to get a broader context and reveal the associations hidden in the data. In this paper, we explore the possibilities of relational analysis as a novel paradigm for network forensics. We provide a set of user requirements based on the discussion with domain experts and introduce a novel visual analysis tool utilizing multimodal graphs for modeling relationships between entities from captured packet traces. Finally, we demonstrate the relational analysis process on two use cases and discuss feedback from domain experts.
ER  -

ČERMÁK, Milan; Tatiana FRITZOVÁ; Vít RUSŇÁK a Denisa ŠRÁMKOVÁ. Using relational graphs for exploratory analysis of network traffic data. \textit{Forensic Science International: Digital Investigation}. 2023, roč.~45, S, s.~1-10. ISSN~2666-2825. Dostupné z: https://doi.org/10.1016/j.fsidi.2023.301563.

Přehled o publikaci