Josh Stone, Blog

Josh’s projects and security nerdery

DarkNet Visualization

Today, I finished up the first “real” version of my DarkNet simulator. I collect data from various places for hosts scanning certain networks. These sensors provide information for me as I hope to identify “evil” IPs for defensive purposes. From this data, I found an easy way to correlate an IP with its originating country.

Combined with my new-found knowledge of OpenGL, I discovered I had the tools in-hand to build a 3D visualization. I had to do the following:

  • Write a simulator – This takes the results from my data collection and replays incoming scans at a rate faster than Real LifeTM.
  • Write a display engine – Easier than making a game, I’m sure, but somewhat challenging. I had to build a framework that could take direction from the simulator to display information appropriately.
  • Generate map data – Showing network scans visually is useless unless you can get the source point right; for this, I wrote a separate tool to let me efficiently define lists of locations (further showing whether or not my engine was flexible enough!)
  • Output screenshots – So I could prove it with the video above!

Tools Used

I used a combination of tools: