• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Free Trial
  • Contact us
  • Blog
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Products
    • Product
      • Cisco Umbrella Cloud Security Service
      • Cisco Umbrella Investigate
      • Product Packages
      • Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Interactive Intelligence
      • Cloud-Delivered Firewall
    •  
    • Webinar signup
  • Solutions
    • By Need
      • Protect Mobile Users
      • Fast Incident Response
      • Web Content Filtering
      • Shadow IT Discovery & App Blocking
      • Unified Threat Enforcement
      • Reduce Security Infections
      • Secure Direct Internet Access
      • Securing Remote and Roaming Users
    • By Network
      • Protect Guest Wi-Fi
      • SD-WAN Security
      • Off-Network Endpoint Security
    • By Industry
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
      • Our Customers
      • Customer Stories
    • Ransomware Defense for Dummies book
  • Why Us
    • Fast Reliable Cloud
      • Cloud Security Infrastructure
      • Cloud Network Status
      • Cloud Network Activity
      • Recursive DNS Services
      • Top Reasons to Trial
      • Getting Started
    • Unmatched Intelligence
      • Cyber Attack Prevention
      • Interactive Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco SD-WAN
    • Navigation-dropdown-promo-free-trial_102820
  • Resources
    • Content Library
      • Top Resources
      • Analyst Reports
      • Case Studies
      • Customer Videos
      • Datasheets
      • eBooks
      • Infographics
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Cisco Umbrella Blog
      • Latest Posts
      • Security Posts
      • Research Posts
      • Threats Posts
      • Product Posts
      • Spotlight
    • For Customers
      • Support
      • Customer Success Hub
      • Umbrella Deployment Hub
      • Customer Success Webinars
      • What’s New
      • Cisco Umbrella Studio
  • Trends & Threats
    • Market Trends
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
      • Secure Access Service Edge (SASE)
    • Security Threats
      • Ransomware
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
    •  
    • 2020 Cybersecurity trends
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Become a partner
  • Free Trial Signup
  • Umbrella Login
  • Cloudlock Login
  • Contact Us
Research

Networks in Space: When data goes supernova

By Thibault Reuille
Posted on August 13, 2013
Updated on July 23, 2020

Share

Facebook0Tweet0LinkedIn0

The universe is big, mysterious and full of secrets.

Every day, servers exchange enormous amounts of data. Usually, this data is kept and archived for a defined period of time. As we store more and more information, our desire to understand its behavior grows. The reason is simple: knowledge is powerful. So, if we identify a pattern in our past, we master the present – then we can predict the future.

Today’s data scientists are the modern oracles, always trying to discover ingenious ways to analyze information in order to identify new patterns and anomalies. Just like the first astronomers raised their eyes to the sky and clouds to predict the seasons, we are constantly analyzing a deluge of digital messages to monitor the general state of the system. It is crucial to step back and take a look at the big picture and understand that abstraction is the key to mastering the present. 

Visualize the universe

When it comes to patterns, semantic graphs are one of the most beautiful data structures out there. They can represent anything and can be applied to a wide range of problems, from social networks to artificial brains. Graph nodes can define any type of information and edges can model arbitrary connections between them.

Sure, it sounds simple in theory, but in practice we are dealing with billions and billions of nodes and edges! When it comes to visualization, there is a tremendous challenge in building an engine that can handle the vast amount of data that the universe holds. Even more importantly, the graph has to be dynamic and constantly changing over time. The goal is to build a robust and stable tool to establish, try, and confirm our hypotheses.

How does it work? The engine recreates a physical force system where connected nodes attract each other and disconnected nodes repulse each other. At first, all the nodes are placed at approximately the same position, forming a point of high density. Of course, at this stage it’s still impossible to see anything clearly. But then, we heat the node particles at a high temperature and let the physics engine do the rest!

Temperature creates a random particle movement and the messy network structure expands in space at high speed, throwing nodes in every direction.

That’s right, an explosion of data!

After this stage, the structure progressively reaches equilibrium. This is the true beauty of this method: we artificially reimplemented a natural force directed system and therefore natural structures emerge. We cool down the temperature progressively and as the particle acceleration decreases, the network structure crystallizes.

Demonstration

Since a picture is worth a thousand words, we’re sharing with you a WebGL application and a couple of screenshots of our visualization tool to illustrate this algorithm.

You may note that the process has been intentionally slowed down to make the attraction-repulsion forces more obvious. 

Controls:

  • Click play to start animation
  • Navigate with the mouse and keyboard arrows
  • Double click on a node to zoom in and target a node
  • Click anywhere to go back to FPS view
  • Select various display modes in the menu

NOTE: The engine may take a while to load, please be patient.

Umbrella Security Graph Data Sets

Using this visualization method, we can process the massive amounts of data flowing into to the Umbrella Security Graph at any given time – watching for new malicious patterns or any other unusual activity. It’s always interesting to navigate around certain unknown domains, exploring their infected neighbors to determine the likelihood of the domains becoming compromised as well. Below, you will see actual data sets extracted from the Umbrella Security Graph database, representing relationships between domains.

Domain neighborhood with a depth of 3 :

1

Domain neighborhood with a depth of 4 :

3
5
4

References :

https://en.wikipedia.org/wiki/Force-directed_graph_drawing

Previous Post:

Previous Article

Next Post:

Next Article

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Cisco Umbrella Blog
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Cisco Umbrella

Learn more

  • Events
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2021 Cisco Umbrella