Cyber Security Visualization Tool

At Oak Ridge National Laboratory, I developed a situational awareness tool using JavaScript and d3.js that visualizes a real-time stream of cyber security alert data.

Screen Shot 2013-08-02 at 3.03.27 PM

csVIZ with a radar-like view where each circle represents a threat

Cyber security alert data is generated by zero-day network intrusion detection systems developed by research scientists at ORNL. I worked with a fellow developer on this project who focused on the back-end.

The data visualization tool takes cyber security alert data generated real-time. The data is in JSON format sent using socket.io to the app. Each circle on the radar represents an alert. Those closer to the center are potentially more harmful. This data set in particular is live data captured on a public network. The network IDS is quite noisy: for this network, there are thousands of alerts generated over a 5 minute period.

Each circle (alert) is an SVG element added to the DOM. Each one is inspectable by the user by hovering or clicking. Zoom-in and zoom-out is supported.

Cheezy photo showing csVIZ on a 30.5' x 8.5' display

Cheezy photo showing csVIZ on a 30.5′ x 8.5′ display. I’m in the middle

csVIZ was designed with responsive principles. Bootstrap.js makes using csVIZ on any device very usable. It works on devices as small as a smartphone and as large as the Everest display at ORNL.

0 thoughts on “Cyber Security Visualization Tool

Leave a Reply

Your email address will not be published.