The imagery shown is based on real data from a real attack. The ‘balls’ on the right represent some hacker attempting to crack a VOIP server. The balls on the left represent the server’s response to the attack. The balls crash into each other and fight it out in the middle of the battlefield. The good balls do better, in this case.
Although the attack is relentless and fast-paced, the volume of data from this one attack on a single IP/port (here UDP 5060 for SIP sessions) is really a drop in the ocean in terms of the wider internet. The visualization is created via a Ruby-based tool called “gltail”, which is specifically designed to visualize Apache web server logs in real-time.
Sign up for my newsletter.