Sonification of Network Traffic Flow for Monitoring and Situational Awareness

Debashi, Mohamed and Vickers, Paul (2018) Sonification of Network Traffic Flow for Monitoring and Situational Awareness. PLoS ONE, 13 (4). e0195948. ISSN 1932-6203

[img]
Preview
Text
Sonification of network traffic flow.pdf - Published Version
Available under License Creative Commons Attribution 4.0.

Download (5MB) | Preview
[img] Text (Preprint full text)
Debashi, Vickers - Sonification of Network Traffic Flow for Monitoring and Situational Awareness.pdf - Submitted Version
Restricted to Repository staff only

Download (1MB) | Request a copy
[img]
Preview
Text (Flow and IP flow feature information array contents)
Sonification of Network Traffic Flow APPENDIX 1.pdf - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (45kB) | Preview
[img]
Preview
Text (questionnaire)
Sonification of Network Traffic Flow APPENDIX 2.pdf - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (112kB) | Preview
[img] Text (IP flow log file)
Sonification of Network Traffic Flow APPENDIX 3.txt - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (15kB)
[img] Text (Traffic flow log file)
Sonification of Network Traffic Flow APPENDIX 4.txt - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (192kB)
[img]
Preview
Text (informed consent form)
Sonification of Network Traffic Flow APPENDIX 5.pdf - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (37kB) | Preview
[img] Audio (Normal traffic behaviour)
Sonification of Network Traffic Flow SUPPLEMENTAL 1.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (10MB)
[img] Audio (FIN behaviour)
Sonification of Network Traffic Flow SUPPLEMENTAL 2.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (18MB)
[img] Audio (Xmas behaviour)
Sonification of Network Traffic Flow SUPPLEMENTAL 3.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (17MB)
[img] Audio (low NULL scan audio file)
Sonification of Network Traffic Flow SUPPLEMENTAL 4.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (14MB)
[img] Audio (heavy NULL scan audio file)
Sonification of Network Traffic Flow SUPPLEMENTAL 5.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (14MB)
[img] Audio (heavy full connection SYN scan audio file)
Sonification of Network Traffic Flow SUPPLEMENTAL 6.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (14MB)
[img] Audio (SYN-Flood-DoS audio file)
Sonification of Network Traffic Flow SUPPLEMENTAL 7.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (22MB)
[img] Audio (Null-DDoS audio file)
Sonification of Network Traffic Flow SUPPLEMENTAL 8.aiff - Supplemental Material
Available under License Creative Commons Attribution 4.0.

Download (21MB)
Official URL: http://doi.org/10.1371/journal.pone.0195948

Abstract

Maintaining situational awareness of what is happening within a network is challenging, not least because the behaviour happens within computers and communications networks, but also because data traffic speeds and volumes are beyond human ability to process. Visualisation is widely used to present information about the dynamics of network traffic dynamics. Although it provides operators with an overall view and specific information about particular traffic or attacks on the network, it often fails to represent the events in an understandable way. Visualisations require visual attention and so are not well suited to continuous monitoring scenarios in which network administrators must carry out other tasks. Situational awareness is critical and essential for decision-making in the domain of computer network monitoring where it is vital to be able to identify and recognize network environment behaviours. Here we present SoNSTAR (Sonification of Networks for SiTuational AwaReness), a real-time sonification system to be used in the monitoring of computer networks to support the situational awareness of network administrators. SoNSTAR provides an auditory representation of all the TCP/IP protocol traffic within a network based on the different traffic flows between network hosts. SoNSTAR raises situational awareness levels for computer network defence by allowing operators to achieve better understanding and performance while imposing less workload compared to visual techniques. SoNSTAR identifies the features of network traffic flows by inspecting the status flags of TCP/IP packet headers and mapping traffic events to recorded sounds to generate a soundscape representing the real-time status of the network traffic environment. Listening to the soundscape allows the administrator to recognise anomalous behaviour quickly and without having to continuously watch a computer screen.

Item Type: Article
Uncontrolled Keywords: sonification, network, situational awareness, auditory display
Subjects: G400 Computer Science
G500 Information Systems
Department: Faculties > Engineering and Environment > Computer and Information Sciences
Depositing User: Paul Burns
Date Deposited: 12 Apr 2018 14:53
Last Modified: 01 Aug 2021 08:03
URI: http://nrl.northumbria.ac.uk/id/eprint/33954

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics