Visualisation of Networks 3rd Year Software Engineering Project by David Gilbert Department of Computer Science, University of Durham 2005 www.randomwire.com No part of the material offered has previously been submitted by the author for a degree in the University of Durham or in any other university. All the work presented here is the sole work of the author and no one else. 18,000 words approximately. 1 Abstract In this report we aim to explore the field of 'Information Visualisation' in relation to mapping interconnected structures (networks). We investigate the effectiveness of current methods and theories that guide the construction of visualisations. A review of the TCP/IP network protocol and possible topologies demonstrates the type and range of information available to be mapped. The prototype process model is followed to produce a design which is implemented to form a tool capable of connecting together multiple Linux tools for the purpose of collecting and visualising network data. Methods for evaluating visualisations are discussed to realise a set of evaluation criteria which are then set against a number of visualisation tools. Graphic output from these tools are discussed with relation to the knowledge we can gain from them. The OSI model is compared to our findings showing a clear relationship. Tools using external data sources are then evaluated to converge our knowledge of the domain. A static conceptual map of Durham is also created to demonstrate alternate forms of visualisation and in particular quasi geographic layout. 2 Contents 1 Background...................................................................................................................6 1.1 Problem Domain.......................................................................................................7 1.1.1 Human-Information Interaction..............................................................................7 1.1.2 Software Engineering Practices..............................................................................7 1.2 Terminology Used.....................................................................................................8 1.3 Objectives..............................................................................................................8 1.4 Deliverables............................................................................................................9 1.4.1 Minimum.........................................................................................................9 1.4.2 Intermediate....................................................................................................9 1.4.3 Advanced........................................................................................................9 1.5 Report Contents.......................................................................................................9 1.6 Time Plan..............................................................................................................9 2 Part A - Networks..........................................................................................................11 2.1 Introduction..........................................................................................................11 2.2 Background...........................................................................................................11 2.3 OSI Model & Header Composition.................................................................................12 2.4 Network Topologies.................................................................................................13 2.5 Address Classes......................................................................................................14 2.6 TCP/IP Utilities......................................................................................................14 2.6.1 Netstat..........................................................................................................15 2.6.2 Nmap ...........................................................................................................15 2.6.3 Ping..............................................................................................................15 2.6.4 Traceroute.....................................................................................................16 2.6.5 Whois............................................................................................................16 2.7 Mapping, Not Hacking...............................................................................................17 2.8 Summary..............................................................................................................17 2 Part B - Visualisation......................................................................................................18 2.9 Introduction..........................................................................................................18 2.10 Background..........................................................................................................18 2.11 Case Study 1 – The London Underground.......................................................................20 2.12 Case Study 2 – Lumeta Internet Mapping Project.............................................................20 2.13 Visualisation Techniques..........................................................................................21 2.13.1 Graph Theory.................................................................................................22 2.14 Summary.............................................................................................................27 3 Design........................................................................................................................28 3.1 Introduction..........................................................................................................28 3.2 Architecture Design.................................................................................................29 3.2.1 Data Flow.......................................................................................................30 3.3 System Interaction..................................................................................................32 3.4 Data Extraction......................................................................................................32 3.5 Database Format....................................................................................................33 3.6 Database Concurrency Control....................................................................................35 3.7 Technical Considerations...........................................................................................35 3.8 Design Rationale.....................................................................................................36 3.9 Summary..............................................................................................................37 4 Implementation............................................................................................................38 4.1 Introduction..........................................................................................................38 4.2 Scripting Language Comparison...................................................................................39 4.3 Visualisation Tools Features.......................................................................................40 4.4 Visualisation Tools Criteria.........................................................................................41 4.5 Script List.............................................................................................................42 4.6 Script Interaction....................................................................................................43 4.7 Execution Example..................................................................................................44 4.8 Source Overview.....................................................................................................45 4.8.1 Pingscan.pl.....................................................................................................45 4.8.2 Tracenetwork.pl...............................................................................................45 4.8.3 Enumerate.pl..................................................................................................46 4.8.4 Nodeconvert.pl................................................................................................46 3 4.8.5 Discovertrace.pl...............................................................................................46 4.9 Technical Issues Encountered.....................................................................................47 4.9.1 Traceroute Efficiency........................................................................................47 4.9.2 Service Scanning..............................................................................................47 4.10 Testing...............................................................................................................48 4.11 Summary.............................................................................................................49 5 Evaluation...................................................................................................................50 5.1 Beyond Data..........................................................................................................50