spinning cube

Zeek
1

hi adriel,

You may be interested in this too -

http://www.cs.ru.ac.za/research/g02v2468/inetvis.html

Cheers ;]

2

CS Lee wrote:

hi adriel,

You may be interested in this too -

http://www.cs.ru.ac.za/research/g02v2468/inetvis.html

Cheers ;]

The original Cube is here:

http://www.nersc.gov/nusers/security/TheSpinningCube.php

and uses Bro.

Steve

- --

3

Hello everybody,

I'm sure i'm missing something but on this page it's said " Code is
currently not available"... :slight_smile:

With regards,

Jean-Philippe.

4

Hello,

You're right, according to the web page, they used the concept
Stephen has developped :

InetVis is a 3-D scatter-plot visualization for network traffic. In
way, it's more or less like a media player, but for network traffic.
It's quite handy for observing scan activity and other anomolous
traffic patterns. The 3-D scatter-plot concept is adopted from Stephen
Lau's Spinning Cube of Potential Doom.

Just to mention two things for people interested in security data
visualization (a thing often ignored in the field of safety) :

1) http://www.vizsec.org
2) a good book from Greg Conti : "security data visualization"

With regards,

Jean-Philippe.

5

jean-philippe luiggi wrote:

Hello everybody,

I'm sure i'm missing something but on this page it's said " Code is
currently not available"... :slight_smile:

You have to ask real nice. :slight_smile:

Steve

- --

6

Stephen Lau wrote:

jean-philippe luiggi wrote:
> Hello everybody,
>
> I'm sure i'm missing something but on this page it's said " Code is
> currently not available"... :slight_smile:

You have to ask real nice. :slight_smile:

Steve

Seriously though, I wrote it while I was at LBNL. It's owned
by the Regents of the University of California. My attempts to
release the source code got caught up in legality since there had
been pictures of it in ACM. (read they didn't want someone else
to start making money off it). I essentially dropped pursuing
public release of the code.

It's somewhat silly because the code itself isn't that complex. For
bro, I have a reader that parses conn files and plots them via
OpenGL in three d.

There are other cubes out there that do similar things.

By the way, I also have a little app I wrote that is a companion
piece to the Cube. Give it a series of images and a network address
space and it'll perform a scan that will will show up as a little
animated movie inside the Cube if the Cube is displaying that segment of
the network. Of course the resolution is a little limited
and you risk lighting up all sorts of alarms with it.

I attached an image of it...I call it the "The Evil Otto of Doom".

Steve

- --

Smiley.jpg
Smiley.jpg648×507 103 KB