Upload File

nstreamaware: real-time visual analytics for data streams ... · fabian fischer | nstreamaware:...

  • Home
  • Documents
  • NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
25
Fabian Fischer | Data Analysis and Visualization Group | University of Konstanz NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness Fabian Fischer and Daniel A. Keim Symposium on Visualization for Cyber Security (VizSec 2014) 10th November 2014, Paris, France

Upload: others

Post on 29-Jul-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Fabian Fischer | Data Analysis and Visualization Group | University of Konstanz

NStreamAware: Real-Time Visual Analytics forData Streams to Enhance Situational AwarenessFabian Fischer and Daniel A. Keim

Symposium on Visualization for Cyber Security (VizSec 2014)10th November 2014, Paris, France

Page 2: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

2Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Motivation: Heterogeneous Data Streams

• Network Alerts (e.g., OSSEC)

• Syslog Messages

• NetFlow Data

Analyzing Data Streams =Crucial for security in your network!

Monitoring & Exploration

Crucial for situational awareness (SA)!

REAL-TIME

VISUAL

ANALYTICS

Page 3: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

DATA CHALLENGE

How to make streamanalysis scalable?

Page 4: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

4Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

NStreamAware: Infrastructure

Web

Ap

plic

atio

n(N

Vis

Aw

are)

REST REST Service

(VACS-REST)

Dat

a St

ream

s(f

rom

vari

ou

sso

urc

es)

MongoDB ElasticSearch

Scalable

SPARK Service(VACS-Spark)

Distributed Streaming Analytics

Apache Spark™ is a fast and general engine for large-scale data processing which can run on a distributed computer cluster.

Page 5: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

5Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Integrated Perspectives

• Real-Time Data Stream Monitoring

• Real-Time Sliding Slices (NVisAware)

• Visual Feature Selection

• Summarized Sliding Slices

• Event Timeline & Insights

• Search & Exploration

Page 6: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

6Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Real-Time Data Stream Monitoring

Page 7: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Demo

Page 8: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 9: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

SITUATIONAL AWARENESS CHALLENGE

How to reduce thecognitive load?

Page 10: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

10Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

NVisAware: Analytics

Web

Ap

plic

atio

n(N

Vis

Aw

are)

REST REST Service

(VACS-REST)

Dat

a St

ream

s(f

rom

vari

ou

sso

urc

es)

MongoDB ElasticSearch

SPARK Service(VACS-Spark)

Distributed Streaming Analytics

Visual Analytics Approach:Calculate and visualize sliding slices.

(based on sliding windows)

• Calculate Sliding Slice Summaryfor each sliding window.

• Push slicet to web application.

Page 11: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

11Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

slicet

Real-Time Sliding Slice• Interactive Widgets

– Treemaps

– Counters

– Node-link diagrams

• Interactions– Star/Annotate slice

– Remove slice

– Retrieve data

• Color Encoding– Background for similarity

– Importance of alerts

Page 12: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Demo

Page 13: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 14: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 15: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 16: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 17: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

EXPLORATION CHALLENGE

How to exploremany sliding slices?

Page 18: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

18Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Visual Feature Selection Visual Analytics Approach:Aggregate / Summarize

according interest function(visually steered by the expert)

Page 19: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

19Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Example: Using Visual Analytics for Interactive Summarization

… …

Page 20: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

Demo

Page 21: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:
Page 22: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

22Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Application to Real-Time Social Media Analysis (VAST Challenge 2014 MC3)

• Real-Time Monitoring Task:Discover major events in the streamto support an ongoing police operation.

• Available Data Stream:Real-time feeds of microblogsand emergency calls.

• Successful participation:“Award for Outstanding ComprehensiveMini-Challenge 3 Submission”

Page 23: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

23Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Further Challenges and Future Work

• Challenge: Parameter adjustmentfor sliding slices and clustering.

• Automated merging of sliding slicesbased on the interest function.

• Performance Evaluation for a large networkusing security operational data stream.

• Responsiveness issueswhen increasing the number of complex interactive visualizations.

• Data retention and rotationfor the visualization interface.

Page 24: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

24Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Contributions

• NStreamAware – Building a web-based visualanalytics system using scalable technologies.

• NVisAware – Sliding Slices Visualizationwith embedded visualization widgets.

• NVisAware – Summarized Sliding Slicessteered using interactive visualizations.

EXPLORATION CHALLENGE

How to explore manysliding slices?

SA CHALLENGE

How to reduce thecognitive load?

DATA CHALLENGE

How to make stream analysis scalable?

Page 25: NStreamAware: Real-Time Visual Analytics for Data Streams ... · Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness 4 NStreamAware:

25Fabian Fischer | NStreamAware: Real-Time Visual Analytics for Data Streams to Enhance Situational Awareness

Thank you very much for your attention!

Questions?

For more informationabout this work please contact

Fabian FischerTel. +49 7531 88-2780

[email protected]

http://ff.cx/

@f2cx


Future of Visual Analytics

Geospatial Visual Analytics Tutorial - PEER · Geospatial Visual Analytics Tutorial Gennady Andrienko & Natalia Andrienko

Web Analytics Wednesday Poznań 2015 - Visual Analytics

Process Design and Visual Value Streams

Visual Analytics

Visual Text Analytics for Technology and Innovation Management€¦ · Visual Text Analytics Stages : Visual Mapping (II) 14. Dirk Burkhardt | Visual Text Analytics for Technology

Continuous Analytics Over Discontinuous Streams

JMP Visual Analytics

Forecasting Hotspots - A Predictive Visual Analytics Approachebertd/vis09/predictive...Keywords: Predictive analytics, visual analytics, syndromic surveillance. 1 MOTIVATION Visual

Immersive Analytics Sensemaking on Different PlatformsVR.pdf · sensemaking, immersive analytics 1. Introduction 1.1. Visual Analytics Visual analytics (VA) is a science-based activity

Deliverable 7.4: Evaluation of Visual Analytics Prototypes ... · The evaluation was conducted within Task 7.4 “Visual analytics prototype evaluation” of WP7 “Visual analytics

Visual analytics of anomaly detection in large data streams

SeqDynamics: Visual Analytics for Evaluating Online …Meng Xia et al. / SeqDynamics: Visual Analytics for EvaluatingOnline Problem-solving Dynamics 2.2. Visual Analytics of Learning

Visual analytics

Multimedia Analysis + Visual Analytics = Multimedia Analytics · Multimedia Analysis + Visual Analytics = Multimedia Analytics ... feature extraction techniques related to ... Multimedia

Progressive Visual Analytics: User-Driven Visual

Constel Analytics A visual tool for web analytics

SAS Visual Analytics

NStreamAware: Real-Time Visual Analytics for Data Streams ... · NStreamAware: Real-Time Visual Analytics ... All events are stored to a distributed ElasticSearch clus- ... Spark

Predictive Analytics on Evolving Data Streams · Predictive Analytics on Evolving Data Streams: ... • MOA: Massive online analysis, a framework for stream classification and

Online Visual Analytics of Text Streamsjpei/publications/Visual Analytics...1 Online Visual Analytics of Text Streams Shixia Liu, Jialun Yin, Xiting Wang, Weiwei Cui, Kelei Cao, Jian

Auditing an Enterprise SAS® Visual Analytics 6.2 ...support.sas.com/resources/papers/proceedings14/SAS167-2014.pdf · Visual Analytics reporting tools. ... With SAS Visual Analytics,

SAS Visual Analytics: Andrew Howell Groups...SAS Visual Analytics for SAS Programmers •Loading data into Visual Analytics •Visual Tools •Programming & traditional client tools

Visual Analytics Antibiogram

Analytics updates viewability, verification, visual analytics

Real-Time Visual Analytics for Event Data Streams · Real-Time Visual Analytics for Event Data Streams Fabian Fischer, Florian Mansmann, Daniel A. Keim 27th March 2012, ACM SAC 2012

Deliverable 7.2: Evaluation of Visual Analytics Prototypes ...€¦ · The evaluation was conducted within Task 7.4 “Visual analytics prototype evaluation” of WP7 “Visual analytics

Proposal 12 - Visual Analytics

Combining the Streams: University-wide Admissions Analytics

DeepEyes: Progressive Visual Analytics for … Progressive Visual Analytics for Designing Deep ... A recent paradigm, called Progressive Visual ... Progressive Visual Analytics for

Real-time Analytics using IBM InfoSphere Streams

Partner Webcast – Oracle Streams Analytics platform - Is it time to reverse traditional analytics?

Visual saliency extraction from compressed streams

Big Data Visual Analytics and Predictive Analytics Tools

Visual Design Analytics - ipsj.ixsq.nii.ac.jp