VISUALIZATION OF NETWORK THREAT MONITORING
Abstract
A method to monitor a network is provided, including receiving traffic metric data indicating measurements related to a characteristic of network traffic flowing in the network and identifying network threats in intercepted traffic of the network traffic. The method further includes identifying a time associated with detection of each occurrence of the network threats and generating a graphical user interface having a GUI that includes a display of a time series graph that corresponds to a selected time period. The display includes a network traffic plot and an alert plot adjacent to the network traffic plot. The network traffic plot indicates a characteristic of network traffic relative to a timeline displayed along a first axis. The alert plot includes alert indicators, wherein each alert indicator is associated with detection of a network threat and aligned relative to the timeline based on the time identified for each occurrence of the detected network threats.
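An added sketch of the alignment step the abstract describes (not code from the patent or from any product): traffic measurements and alert detection times are placed on one shared timeline for a selected period, so each alert indicator sits directly under the traffic bucket in which the threat was detected. The function names, the 60-second bucket width, the text rendering and the sample data are assumptions constructed for illustration.

```python
def bucket_index(ts, start, end, width):
    """Map a timestamp to its bucket on the shared timeline, or None if outside [start, end)."""
    if ts < start or ts >= end:
        return None
    return int((ts - start) // width)

def align(traffic, alerts, start, end, width):
    """Return (traffic_row, alert_row): two equal-length lists sharing one time axis.

    traffic: iterable of (timestamp, byte_count) measurements
    alerts:  iterable of (timestamp, threat_name) detections
    """
    n = -(-(end - start) // width)  # ceiling division: buckets in the selected period
    traffic_row = [0] * n
    alert_row = [[] for _ in range(n)]
    for ts, nbytes in traffic:
        i = bucket_index(ts, start, end, width)
        if i is not None:
            traffic_row[i] += nbytes
    for ts, name in alerts:
        i = bucket_index(ts, start, end, width)
        if i is not None:  # alerts outside the selected period are not drawn
            alert_row[i].append(name)
    return traffic_row, alert_row

def render(traffic_row, alert_row, height=4):
    """Draw the traffic plot as text with the alert plot directly beneath it."""
    peak = max(traffic_row) or 1
    levels = [round(v * height / peak) for v in traffic_row]
    lines = ["".join("#" if lv >= h else " " for lv in levels)
             for h in range(height, 0, -1)]
    # One indicator per bucket: '!' for one alert, a digit (capped at 9) for several.
    lines.append("".join("." if not a else "!" if len(a) == 1 else str(min(len(a), 9))
                         for a in alert_row))
    return "\n".join(lines)

# Constructed sample data: second offsets, 60 s buckets, 5-minute selected period.
TRAFFIC = [(0, 1200), (45, 800), (70, 500), (130, 9000), (150, 7000), (200, 400), (290, 300)]
ALERTS = [(132, "port-scan"), (149, "syn-flood"), (295, "dns-tunnel"), (310, "late-alert")]

if __name__ == "__main__":
    t_row, a_row = align(TRAFFIC, ALERTS, start=0, end=300, width=60)
    print(render(t_row, a_row))
```

Because both rows are indexed by the same bucket, the two alerts detected during the traffic spike in the third minute line up under that spike, while the alert at offset 310 falls outside the selected period and is dropped.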
20 Claims
1. A network monitoring system comprising:
- an information processing system including a processor and a memory device coupled to the processor, the memory device containing a set of instructions that, when executed by the processor, cause the processor to:
receive traffic metric data, the traffic metric data indicating measurements related to a characteristic of network traffic flowing in a network;
identify network threats in intercepted traffic of the network traffic;
identify a time associated with detection of each occurrence of the network threats; and
generate a graphical user interface having a GUI that includes a display of a time series graph that corresponds to a selected time period, the display including a network traffic plot and an alert plot adjacent to the network traffic plot, the network traffic plot indicating a characteristic of network traffic relative to a timeline displayed along a first axis, the alert plot including alert indicators, each alert indicator associated with detection of a network threat and aligned relative to the timeline based on the time identified for each occurrence of the detected network threats.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A method of network monitoring, the method comprising:
receiving traffic metric data indicating measurements related to a characteristic of network traffic flowing in a network;
identifying network threats in intercepted traffic of the network traffic;
identifying a time associated with detection of each occurrence of the network threats; and
generating a graphical user interface having a GUI that includes a display of a time series graph that corresponds to a selected time period, the display including a network traffic plot and an alert plot adjacent to the network traffic plot, the network traffic plot indicating a characteristic of network traffic relative to a timeline displayed along a first axis, the alert plot including alert indicators, each alert indicator associated with detection of a network threat and aligned relative to the timeline based on the time identified for each occurrence of the detected network threats.
Dependent claims: 17, 18
19. A non-transitory computer readable storage medium and one or more computer programs embedded therein, the computer programs comprising instructions, which when executed by a computer system, cause the computer system to:
receive traffic metric data indicating measurements related to a characteristic of network traffic flowing in a network;
identify network threats in intercepted traffic of the network traffic;
identify a time associated with detection of each occurrence of the network threats; and
generate a graphical user interface having a GUI that includes a display of a time series graph that corresponds to a selected time period, the display including a network traffic plot and an alert plot adjacent to the network traffic plot, the network traffic plot indicating a characteristic of network traffic relative to a timeline displayed along a first axis, the alert plot including alert indicators, each alert indicator associated with detection of a network threat and aligned relative to the timeline based on the time identified for each occurrence of the detected network threats.
Dependent claims: 20
Specification