First Place: Visualizing Network Traffic

Max Goldstein, Computer Science Undergraduate Student, School of Engineering

Network Traffic

Click on the image to view original.

What’s happening on “the most dangerous computer network in the world”? The Internet Protocol defines addresses at which computers can send and receive discrete messages known as packets. Professor Ming Chow captured some 10 million IP packets from 50 minutes of the 2013 DEF CON computer security conference in Las Vegas, resulting in 15GB of impenetrable binary files. By extracting metadata such as sender, receiver, packet size, and timestamp, one finds the bandwidth (rate of data transfer) to and from each foreign address over the time of the capture. Plotting these curves for all 8784 distinct foreign addresses, for uploads and downloads, would be worthless; instead only the global maximum of each is shown. Selecting a small number of points displays their entire bandwidth history. IP addresses are also associated with geographic locations, and these are plotted on a map.