Ergo Witness is a 3D visualization of network data for a national computing security competition called CCDC. The video above is just one prototype concept that I have made in the past 6 or so weeks.
The intended audience for this visualization are people who understand what the competition is about, have a basic understanding of network traffic, but cannot necessarily follow all of the in depth updates through the competition.
The spheres represent a device on the network, and their color is determined by if they are on the red or blue team. If they are not on either team, then they are just orange for now. The teams are determined by if they have the same first 3 numbers of their IPv4 address the same. For example “192.168.137.100” would be in the same group as “192.168.137.1”.
The lines and particles that are being drawn in between represent netflow traffic, and their color varies based on the protocol.
The white glow surrounding some spheres represents their different sub net values. This is something that I have been really struggling to represent in a good way, and I am currently searching for a better alternative.
I am gathering the network data by running Bro and Packetbeat on a CentOS 7 box, and sending their logs to a Logstash server. I then make HTTP Post requests, which you can learn more about in my post here.
There is a distinct lack of network data visualizations, especially interactive experiences. By using a game engine to do this there are endless possibilities for VR data visualisations that could be legitimate tools to help professionals do their jobs better. Imagine, one headset, with 360 degrees of viewing space to add as many virtual screens as the user wants. No longer would people need to but 15 different computer monitors, they could just by one headset. And if you developed for something like the Hololens, then the user can still see through to their keyboard and their surroundings. Amazing.