Visualization and analysis of complex security information
First Claim
1. At least one machine readable non-transitory storage medium having instructions stored thereon for providing intelligent suggestions in visualizing network security data, wherein the instructions when executed by at least one processors cause the at least one processors to perform the following operations:
- retrieving the network security data from one or more data sources;
rendering the network security data for display on a user interface as a first force-directed node graph, wherein the first force-directed node graph has the network security data as nodes whose motion and position information are computed using an energy function;
applying principal component analysis on the network security data to reduce dimensionality of the network security data and identify a first set of principal components of the network security data; and
outputting a first message to the user through the user interface suggesting a first filter on the network security data based on the one or more principal components of the network security data.
11 Assignments
0 Petitions
Accused Products
Abstract
In one example, a visualization data engine may be responsible for rendering the visualization data obtained from the backend data server and providing the user interface (UI) necessary to allow an administrator to analyze the data. An example UI may include the ability to filter, organize, reorganize, and choose the raw data to be transformed. The UI may also provide interactions that expand and compress sections of the dataset, drill into the underlying dataset that is represented to the user, and move the data from one visualization to another.
13 Citations
20 Claims
-
1. At least one machine readable non-transitory storage medium having instructions stored thereon for providing intelligent suggestions in visualizing network security data, wherein the instructions when executed by at least one processors cause the at least one processors to perform the following operations:
-
retrieving the network security data from one or more data sources; rendering the network security data for display on a user interface as a first force-directed node graph, wherein the first force-directed node graph has the network security data as nodes whose motion and position information are computed using an energy function; applying principal component analysis on the network security data to reduce dimensionality of the network security data and identify a first set of principal components of the network security data; and outputting a first message to the user through the user interface suggesting a first filter on the network security data based on the one or more principal components of the network security data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An apparatus for providing intelligent suggestions in visualizing network security data, the apparatus comprising:
-
at least one memory element; at least one processors coupled to the at least one memory element; a visualization data engine that when executed by the at least one processors is configured to; retrieve the network security data from one or more data sources; determine motion and position information of the network security data as nodes in a first force-directed node graph; and apply principal component analysis on the network security data to reduce dimensionality of the network security data and identify a first set of principal components of the network security data; and a visualization display engine that when executed by the at least one processors is configured to; render the first force-directed node graph for display on a user interface; and output a first message to the user through the user interface suggesting a first filter on the network security data based on the one or more principal components of the network security data. - View Dependent Claims (14, 15)
-
-
16. A computerized method for providing intelligent suggestions in visualizing network security data, the method comprising:
-
retrieving and processing, using a visualization data engine implemented in one or more processors, the network security data from one or more data sources using at least an energy function to determine motion and position information of the network security data as nodes in a first force-directed node graph; rendering, using a visualization display engine implemented in one or more processors, the first force-directed node graph for display on a user interface; applying, using the visualization data engine implemented in one or more processors, principal component analysis on the network security data to identify a first set of principal components of the network security data; and outputting, using the visualization display engine implemented in one or more processors, a first message to the user through the user interface suggesting a first filter on the network security data based on the one or more principal components of the network security data. - View Dependent Claims (17, 18, 19, 20)
-
Specification