Top Banner
Fabian Fischer | Data Analysis and Visualization Group | University of Konstanz NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness Fabian Fischer and Daniel A. Keim Symposium on Visualization for Cyber Security (VizSec 2014) 10th November 2014, Paris, France
25

NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Jul 29, 2020

Download

Documents

dariahiddleston
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Fabian Fischer | Data Analysis and Visualization Group | University of Konstanz

NStreamAware: Real-Time Visual Analytics forData Streams to Enhance Situational AwarenessFabian Fischer and Daniel A. Keim

Symposium on Visualization for Cyber Security (VizSec 2014)10th November 2014, Paris, France

Page 2: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

2Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Motivation: Heterogeneous Data Streams

• Network Alerts (e.g., OSSEC)

• Syslog Messages

• NetFlow Data

Analyzing Data Streams =Crucial for security in your network!

Monitoring & Exploration

Crucial for situational awareness (SA)!

REAL-TIME

VISUAL

ANALYTICS

Page 3: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

DATA CHALLENGE

How to make streamanalysis scalable?

Page 4: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

4Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

NStreamAware: Infrastructure

Web

Ap

plic

atio

n(N

Vis

Aw

are)

REST REST Service

(VACS-REST)

Dat

a St

ream

s(f

rom

vari

ou

sso

urc

es)

MongoDB ElasticSearch

Scalable

SPARK Service(VACS-Spark)

Distributed Streaming Analytics

Apache Spark™ is a fast and general engine for large-scale data processing which can run on a distributed computer cluster.

Page 5: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

5Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Integrated Perspectives

• Real-Time Data Stream Monitoring

• Real-Time Sliding Slices (NVisAware)

• Visual Feature Selection

• Summarized Sliding Slices

• Event Timeline & Insights

• Search & Exploration

Page 6: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

6Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Real-Time Data Stream Monitoring

Page 7: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Demo

Page 8: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 9: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

SITUATIONAL AWARENESS CHALLENGE

How to reduce thecognitive load?

Page 10: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

10Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

NVisAware: Analytics

Web

Ap

plic

atio

n(N

Vis

Aw

are)

REST REST Service

(VACS-REST)

Dat

a St

ream

s(f

rom

vari

ou

sso

urc

es)

MongoDB ElasticSearch

SPARK Service(VACS-Spark)

Distributed Streaming Analytics

Visual Analytics Approach:Calculate and visualize sliding slices.

(based on sliding windows)

• Calculate Sliding Slice Summaryfor each sliding window.

• Push slicet to web application.

Page 11: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

11Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

slicet

Real-Time Sliding Slice• Interactive Widgets

– Treemaps

– Counters

– Node-link diagrams

• Interactions– Star/Annotate slice

– Remove slice

– Retrieve data

• Color Encoding– Background for similarity

– Importance of alerts

Page 12: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Demo

Page 13: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 14: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 15: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 16: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 17: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

EXPLORATION CHALLENGE

How to exploremany sliding slices?

Page 18: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

18Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Visual Feature Selection Visual Analytics Approach:Aggregate / Summarize

according interest function(visually steered by the expert)

Page 19: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

19Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Example: Using Visual Analytics for Interactive Summarization

… …

Page 20: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Demo

Page 21: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 22: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

22Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Application to Real-Time Social Media Analysis (VAST Challenge 2014 MC3)

• Real-Time Monitoring Task:Discover major events in the streamto support an ongoing police operation.

• Available Data Stream:Real-time feeds of microblogsand emergency calls.

• Successful participation:“Award for Outstanding ComprehensiveMini-Challenge 3 Submission”

Page 23: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

23Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Further Challenges and Future Work

• Challenge: Parameter adjustmentfor sliding slices and clustering.

• Automated merging of sliding slicesbased on the interest function.

• Performance Evaluation for a large networkusing security operational data stream.

• Responsiveness issueswhen increasing the number of complex interactive visualizations.

• Data retention and rotationfor the visualization interface.

Page 24: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

24Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Contributions

• NStreamAware – Building a web-based visualanalytics system using scalable technologies.

• NVisAware – Sliding Slices Visualizationwith embedded visualization widgets.

• NVisAware – Summarized Sliding Slicessteered using interactive visualizations.

EXPLORATION CHALLENGE

How to explore manysliding slices?

SA CHALLENGE

How to reduce thecognitive load?

DATA CHALLENGE

How to make stream analysis scalable?

Page 25: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

25Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Thank you very much for your attention!

Questions?

For more informationabout this work please contact

Fabian FischerTel. +49 7531 88-2780

[email protected]

http://ff.cx/

@f2cx


Related Documents
Telecommunications Event Data Analytics for IBM InfoSphere Streams V4.0

Telecommunications Event Data Analytics for IBM InfoSphere.....

Category: Data & Analytics
IBM Streams QCon - QCon New York€¦ · Manoj Singh Big Data & Streams Architect manoj.singh101@ibm.com IBM Streams In-Motion Analytics Platform @IBM

IBM Streams QCon - QCon New York€¦ · Manoj Singh Big...

Category: Documents
Smarter Analytics for Big Data · 2011-02-12 · The BIG Data Ecosystem: Interoperability is Key Streams Internet Scale Traditional Warehouse In-Motion Analytics Data Analytics, Data

Smarter Analytics for Big Data · 2011-02-12 · The BIG...

Category: Documents
NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness · 2019. 10. 21. · of Event Visualizer [8], is to provide real-time visualizations for

NStreamAware: Real-Time Visual Analytics for Data Streams to...

Category: Documents
Improving Adaptive Bagging Methods for Evolving Data Streamsgavalda/papers/acml09slides.pdf · Realtime analytics: from Databases to Dataflows Data streams Data streams are ordered

Improving Adaptive Bagging Methods for Evolving Data...

Category: Documents
ACM DEBS Grand Challenge: Continuous Analytics on Geospatial Data Streams with WSO2 Complex Event Processor

ACM DEBS Grand Challenge: Continuous Analytics on Geospatial...

Category: Data & Analytics
Analytics in a Big Data World - iedu.us€¦ · Taming the Big Data Tidal Wave: Finding Opportunities in Huge Data Streams with Advanced Analytics by Bill Franks Too Big to Ignore:

Analytics in a Big Data World - iedu.us€¦ · Taming the....

Category: Documents
Real time video analytics with InfoSphere Streams, OpenCV and R

Real time video analytics with InfoSphere Streams, OpenCV...

Category: Technology
Scalable Data Analytics Market Basket Model for ... · analytics market basket model for transactional data streams. In other to achieve this, the following methodology was followed

Scalable Data Analytics Market Basket Model for ... ·...

Category: Documents
Applying real-time analytics to data streams in digital health · 2020. 2. 19. · Drools Fusion, Esper, Event Swarm, Spark Streaming, InfoSphere Streams, Azure Stream Analytics…

Applying real-time analytics to data streams in digital...

Category: Documents
Partner Webcast – Oracle Streams Analytics platform - Is it time to reverse traditional analytics?

Partner Webcast – Oracle Streams Analytics platform - Is.....

Category: Technology
Real-time Analytics using IBM InfoSphere Streams

Real-time Analytics using IBM InfoSphere Streams

Category: Data & Analytics