Visualization and Analysis of Multi-Host Traffic
To find the malware infections, we developed an analysis tool that visualizes hosts and network traffic. This tool displays an animation of traffic patterns which are color-coded according to hosts and network. The system is composed of two modules. One plots third and fourth octets on two-dimensional maps. The other displays octets change on four frames. Then we analyzed a honeynet log, we could easily find three malware scans came from two hosts in same time.