Can You See What’s On Your Network?
Visual analysis of network devices with Poseidon & CRviz
Cybersecurity is hard. Network defenders are bombarded with information and the environments they work in can be incredibly complex. Modern computer networks house tens of thousands of devices and are constantly changing.
IQT Labs is developing new ways to help network defenders answer the question: What is on my network? We have released two open source projects that work together: a network analysis tool called Poseidon and a browser-based visualization tool called CRviz.
Poseidon utilizes software-defined networking (SDN) and machine learning to capture network traffic, extract relevant features from that traffic, perform classifications through trained models, convey results, and provide mechanisms to take further action. Poseidon has interoperability with two different SDN controllers: BigSwitch Cloud Fabric and Faucet.
CRviz is designed around a visualization technique called an enclosure diagram. The tool lets you organize network devices into groups and sub-groups, based on any attributes you choose.
Poseidon is a project by CyberReboot, IQT Labs’ cybersecurity group. CRviz is a collaboration between CyberReboot and the Labs’ design & data viz group. Analyzing & Visualizing Networks animation by DarkCharm.