Ergo Witness Update

Ergo Witness

 

What’s new?

  1. Much improved visuals and UI/UX.
  2. Options menu to configure your settings on start instead of going into files to do so.
  3. Camera speed control.
  4. Color coding groups based on the options menu configuration.
  5. Audio queues that play when specific protocols appear.
  6. DNS traffic is now represented .
  7. Click on a node to query it against your Logstash server.
  8. Linux, Mac, and Android support.

What’s coming?

  1. VR experience of being able to analyze data in a fun and interactive environment.
  2. Saving your options menu so that you don’t have to re-enter it every time.
  3. Improved audio and 3D models.

Black Hole Game – Spring Break Jam

How did this start?

Over this past spring break of 2017, I set up a small group project for people to do over break. This was part of the club that I am the current Vice President of, RIT Game Development Club. The process started out with a group meeting where we all picked out roles that we would like to fulfill. In the end, most people had preventing circumstances and the project fell on just me and one other person who recorded some audio for the game.

About the game

The basic mechanic of this game is that the player shoots “black holes” at the opposing player. trying to get the other player stuck and lose a life. The black holes merge together when they hit each other, creating large black holes. The larger the hole is, the more attraction force it will have. The orange obstacles are bouncy obstacles that can send players off into unwanted directions, or they might just save them from a couple close calls too.

See this project on GitHub

 

Prototype of “Ergo Witness”

 

What is Ergo Witness?

Ergo Witness is a 3D visualization of network data for a national computing security competition called CCDC. The video above is just one prototype concept that I have made in the past 6 or so weeks.

Who is the intended audience?

The intended audience for this visualization are people who understand what the competition is about, have a basic understanding of network traffic, but cannot necessarily follow all of the in depth updates through the competition.

What is happening?

The spheres represent a device on the network, and their color is determined by if they are on the red or blue team. If they are not on either team, then they are just orange for now. The teams are determined by if they have the same first 3 numbers of their IPv4 address the same. For example “192.168.137.100” would be in the same group as “192.168.137.1”.

The lines and particles that are being drawn in between represent netflow traffic, and their color varies based on the protocol.

The white glow surrounding some spheres represents their different sub net values. This is something that I have been really struggling to represent in a good way, and I am currently searching for a better alternative.

How do I get the data?

I am gathering the network data by running Bro and Packetbeat on a CentOS 7 box, and sending their logs to a Logstash server. I then make HTTP Post requests, which you can learn more about in my post here.

Why is this important?

There is a distinct lack of network data visualizations, especially interactive experiences. By using a game engine to do this there are endless possibilities for VR data visualisations that could be legitimate tools to help professionals do their jobs better. Imagine, one headset, with 360 degrees of viewing space to add as many virtual screens as the user wants. No longer would people need to but 15 different computer monitors, they could just by one headset. And if you developed for something like the Hololens, then the user can still see through to their keyboard and their surroundings. Amazing.