---

Network packet traces, despite having a lot of noise, contain priceless information, especially for investigating security incidents and performance problems. However, given the gigabytes of ow crossing a typical enterprise network every day, spotting malicious activity and analyzing trends become tedious tasks. Therefore, the appropriate representation of traffic data to the human user is crucial to network security. In this book, we bring together two powerful tools from different areas of application: SiLK (System for Internet-Level Knowledge), for command-based network trace analysis; and ComVis, a generic information visualization tool. We integrate the powers of both tools by aiding simplified interaction between them, using a simple GUI, for the purpose of visualizing network traces, characterizing interesting patterns, and ngerprinting related activity. The main contribution of this research is a protocol-specific framework of visualization for ICMP and UDP traffic data. The Guidelines we infer can be vital in the creation of smart books describing best practices in using visualization and interaction techniques to maintain network security.

---

I received my B.Sc. with First Class Honors from the CS department in Suez Canal University, Egypt, and my M.Sc. from Virginia Tech, USA, in 2009. I took a number of graduate courses at Ain Shams University in 2004, and volunteered as a research assistant at Johns Hopkins Medical Robotics Lab in 2006. I am currently a PhD student at Virginia Tech.

---