Graphics Reference
In-Depth Information
Figure 9-3:
Some of the connection attributes indicate similar names.
Cybersecurity
Internet security is an incredibly important topic. Massive data breaches,
compromised credit cards, and insecure accounts grab news headlines every
few months. Hackers use many different techniques to probe for
weaknesses, exploit vulnerabilities, and launch attacks. Security personnel
have a variety of tools to detect anomalies on their networks, which may
reveal weaknesses or indicate potential attacks. These tools generate data,
such as log files, where each line in the log file indicates the IP address of
source and target computers (that is, links), as well as different attack types
(that is, types of links). You can analyze this information and plot it with
graph software.
Network logs can be enormous, so prior to visualizing, it may be effective
to narrow down the scope of data, such as a particular time range, a subset
of computers, attack types, or other attribute filters.
Figure 9-4
shows 1,000
links from an intrusion-detection system, with the IP addresses and specific
attack types anonymized. This has been visualized using Cytoscape.
Tip
Cytoscape may show only some links and labels by default. To turn on
all
links and labels, choose View
⇒
Show Graphic Details.
Source computers (that is, potential attackers) are represented as triangles,
and target computers are represented as circles. Each link indicates a single
