Don't Go With the Flow
Network traffic-flow analysis and visualization techniques are being
developed to protect U.S. government networks. Just think what
this technology could do for large enterprises.
By George V. Hulme
An army must sense and respond to changing conditions—including
its own vulnerabilities. The same is true for CIOs fighting to secure IT
networks. To defend their systems against hackers, thieves and other
intruders, CIOs and their security managers need accurate, clearly presented
and actionable information.
While that's easier said than done,
improving such network intelligence is
one of the goals outlined recently by the
U.S. Department of Homeland Security
(DHS). The department wants to collect
information about network traffic at the
borders of the federal networks. Currently,
however, security engineers who want to
identify which network events are truly
abnormal and need further investigation
must study literally millions of
lines of raw data.
To help streamline this process, DHS's
Science and Technology Directorate
recently granted a research award to CA
Labs, the research and development arm of
the IT management solutions provider, to
develop innovative ways to analyze network
traffic flow. CA Labs, in collaboration with
Dalhousie University of Halifax, Canada,
will use the award to advance a security
event visualization framework. This framework,
as planned, will present vast amounts
of network information and facilitate
security analysis across any large, distributed
network. "It's easier for people to grasp data
that is presented graphically [rather] than
displayed as reams of digits," says Carrie
Gates, a researcher at CA Labs. "In this
way, important trends can be easily spotted."