Radial Hierarchical Visualization: Difference between revisions

From InfoVis:Wiki
Jump to navigation Jump to search
← Older editNewer edit →
Line 17: Line 17:
== Figures ==
== Figures ==


The Radial Traffic Analyzer visualizes network traffic in a radial hierarchical layout. The radial visualization was chosen to stop the user from placing more importance on an item due to its position on the left or right. In the default configuration the Radial Traffic Analyzer uses four concentrical rings, each representing one attribute of the transferred packets.
The Radial Traffic Analyzer visualizes network traffic using a radial hierarchical layout. The radial visualization was chosen to avoid the user assigning more importance to an item due to its position on the left or on the right. In the default configuration, the Radial Traffic Analyzer uses four concentrical rings, each one representing an attribute of the transferred packets.


[[Image:Rta_small.jpg]]
[[Image:Rta_small.jpg]]


The innermost ring shows the IP adresses of the packet source, the second ring shows the destination IP, the third ring shows the source port number and the outermost ring the destination port number. The size of the area of each entry specifies the fraction of the traffic payloads. To improve the readability, entries with the same values (same IP or same port number) are drawn in the same colour, entries of prominent ports in unique colours (e.g. port 80 - HTTP or port 110 - POP3) and traffic over secured channels is shown in brighter colours.
The innermost ring shows the source IP adress contained in the packet, the second ring shows the destination IP, the third ring shows the source port number, and the outermost ring the destination port number. The size of a circle segment specifies the portion of the total traffic payload. To improve readability entries with the same values (same IP or same port number) are drawn using the same colour. Entries of popular port numbers appear in unique colours (e.g. green is always used for port 80 - HTTP). Traffic over secured channels is shown in brighter colours, whereas traffic over unsecured channels is usually displays in darker colour.


Each ring uses the rings further inside for grouping and sorting, as shown in the next figure:
The values on each ring are grouped by the attributes on the inner rings. Values are sorted on a ring. The next figure shows the design rationale:


[[Image:Rta_sort.jpg]]
[[Image:Rta_sort.jpg]]


The Radial Traffic Analyzer allows a lot of user interactions. Entries and their associated traffic can be filtered out with one simple click. The order of the rings can be changed adapted to the users needs, as well as the number of the rings or their attribute types. For example, the Radial Traffic Analyzer can be configured to show up security alerts generated by an intrusion detection system:
The Radial Traffic Analyzer allows a variety of user interaction. Entries and their associated traffic can be filtered by single-clicking a circle segment. The order of the rings can be adapted to the users' needs, as well as the number of the rings, or their attributes. For example, the Radial Traffic Analyzer can be configured to display security alerts generated by an intrusion detection system:


[[Image:Rta_sec.jpg]]
[[Image:Rta_sec.jpg]]

Revision as of 16:02, 26 April 2007

Authors

Keim, Daniel

Mansmann, Florian

Schneidewind, Jörn

Schreck, Tobias

Short Description

The Radial Traffic Analyzer display is perfectly suitable to show grouped information in the inner circles while presenting related detail information on the outer circles. It is complemented by appropriate interaction techniques like hints on mouse-over, drag & drop to adapt the order of the rings, filtering using clicks and details accessible via a popup menu.
Keim, Daniel et al., 2006


Suitable Data Types

Suitable data types for this information visualization technique are Internet Protocol packets.

Figures

The Radial Traffic Analyzer visualizes network traffic using a radial hierarchical layout. The radial visualization was chosen to avoid the user assigning more importance to an item due to its position on the left or on the right. In the default configuration, the Radial Traffic Analyzer uses four concentrical rings, each one representing an attribute of the transferred packets.

The innermost ring shows the source IP adress contained in the packet, the second ring shows the destination IP, the third ring shows the source port number, and the outermost ring the destination port number. The size of a circle segment specifies the portion of the total traffic payload. To improve readability entries with the same values (same IP or same port number) are drawn using the same colour. Entries of popular port numbers appear in unique colours (e.g. green is always used for port 80 - HTTP). Traffic over secured channels is shown in brighter colours, whereas traffic over unsecured channels is usually displays in darker colour.

The values on each ring are grouped by the attributes on the inner rings. Values are sorted on a ring. The next figure shows the design rationale:

The Radial Traffic Analyzer allows a variety of user interaction. Entries and their associated traffic can be filtered by single-clicking a circle segment. The order of the rings can be adapted to the users' needs, as well as the number of the rings, or their attributes. For example, the Radial Traffic Analyzer can be configured to display security alerts generated by an intrusion detection system:

As seen in the figure above, the innermost circle can be used to limit the visualization of network traffic to one specified country. For that purpose, the Radial Traffic Analizer uses the Maxmind’s GeoIP Database to evaluate the geo-location information, parts the available display space into rectangles using the HistoMap algorithm and assigns each country to one rectangle. The bigger the rectangles the higher the traffic payloads from or to each country.

Evaluation

Up to April 2007 there hasn't been any evaluations or implementations of the Radial Traffic Analyzer.

References

Evaluation References

Retrieved from "https://infovis-wiki.net/w/index.php?title=Radial_Hierarchical_Visualization&oldid=13510"