System, method and program product for visually presenting data describing network intrusions
First Claim
1. A method for graphically representing network intrusions, the method comprising the steps of:
- a computer identifying intrusions sent from a source Internet Protocol (IP) address to a destination IP address and determining a color-code based on a number of the intrusions sent from the source IP address to the destination IP address; and
the computer displaying on a monitor concurrently;
a source icon representing the source IP address,the source IP address in association with the source icon,a destination icon representing the destination IP address,the destination IP address in association with the destination icon,a first arrow pointing from the source icon to the destination icon representing intrusions sent from the source IP address to the destination IP address, the first arrow being color-coded based on the number of intrusions sent from the source IP address to the destination IP address, andwherein the computer also identifies a response to the source IP address from the destination IP address to the intrusion sent from the source IP address, and displays concurrently on the monitor an arrow from the destination icon pointing to the source icon representing the response to the source IP address from the destination IP address to the intrusion sent from the source IP address.
1 Assignment
0 Petitions
Accused Products
Abstract
Computer system, method and program for graphically representing network intrusions. Source icons are displayed in rows in a first column. The source icons represent source IP addresses from which intrusions were sent. Destination icons are displayed in rows in a second column. The destination icons represent destination IP addresses to which the intrusions were sent. The destination icons that receive intrusions from a same source icon are clustered together in the graphical representation across from the same source icon. An arrow is displayed from each of the source icons pointing to each of the destination icons to which each source icon sent an intrusion, such that there are “N” arrows from each source icon to “N” destination icons to which each source icon sent at least one intrusion.
-
Citations
19 Claims
-
1. A method for graphically representing network intrusions, the method comprising the steps of:
-
a computer identifying intrusions sent from a source Internet Protocol (IP) address to a destination IP address and determining a color-code based on a number of the intrusions sent from the source IP address to the destination IP address; and the computer displaying on a monitor concurrently; a source icon representing the source IP address, the source IP address in association with the source icon, a destination icon representing the destination IP address, the destination IP address in association with the destination icon, a first arrow pointing from the source icon to the destination icon representing intrusions sent from the source IP address to the destination IP address, the first arrow being color-coded based on the number of intrusions sent from the source IP address to the destination IP address, and wherein the computer also identifies a response to the source IP address from the destination IP address to the intrusion sent from the source IP address, and displays concurrently on the monitor an arrow from the destination icon pointing to the source icon representing the response to the source IP address from the destination IP address to the intrusion sent from the source IP address. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer system for graphically representing network intrusions, the system comprising:
-
a computer processing unit (CPU), a computer readable memory and a computer readable storage media; first program instructions to identify intrusions sent from a source Internet Protocol (IP) address to a destination IP address and determine a color-code based on a number of the intrusions sent from the source IP address to the destination IP address; and second program instructions to direct concurrent display on a monitor of the following; a source icon representing the source IP address, the source IP address in association with the source icon, a destination icon representing the destination IP address, the destination IP address in association with the destination icon, and a first arrow pointing from the source icon to the destination icon representing intrusions sent from the source IP address to the destination IP address, the first arrow being color-coded based on the number of intrusions sent from the source IP address to the destination IP address;
whereinthe first and second program instructions are stored on the computer readable storage media for execution by the CPU via the computer readable memory; and wherein the first program instructions also identify a response to the source IP address from the destination IP address to the intrusion sent from the source IP address, and the second program instructions also direct concurrent display on the monitor of an arrow from the destination icon pointing to the source icon representing the response to the source IP address from the destination IP address to the intrusion sent from the source IP address. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer program product for graphically representing network intrusions, the computer program product comprising:
-
a computer readable storage media; first program instructions to identify intrusions sent from a source Internet Protocol (IP) address to a destination IP address and determine a color-code based on a number of the intrusions sent from the source IP address to the destination IP address; and second program instructions to direct concurrent display on a monitor of the following; a source icon representing the source IP address, the source IP address in association with the source icon, a destination icon representing the destination IP address, the destination IP address in association with the destination icon, and a first arrow pointing from the source icon to the destination icon representing intrusions sent from the source IP address to the destination IP address, the first arrow being color-coded based on the number of intrusions sent from the source IP address to the destination IP address;
whereinthe first and second program instructions are stored on the computer readable storage media; and wherein the first program instructions also identify a response to the source IP address from the destination IP address to the intrusion sent from the source IP address, and the second program instructions also direct concurrent display on the monitor of an arrow from the destination icon pointing to the source icon representing the response to the source IP address from the destination IP address to the intrusion sent from the source IP address. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification