The amount of network traffic on the Internet continues to escalate. At the same time, the number of potential security and data integrity threats, such as malware, also continue to escalate. It is becoming increasingly difficult to track the prevalence and spread of these threats due to the overwhelming amount of network traffic.
What is needed is an improved method and apparatus for collecting and analyzing network traffic to identify potential threats. What is further needed is the ability to filter and/or aggregate the collected data to identify patterns that indicate the presence of potential threats.
Equally important to data collection and analysis is having a “frontend” user interface that allows a user to quickly understand the data and identify patterns in the data. It is important to allow a user select the type of data of interest and to present the relevant data to the user in a way that a human being can quickly understand. In the prior art, user interfaces would allow a user to filter data by selected criteria. However, prior art user interfaces were limited because the criteria were not updated in real-time as the underlying dataset itself evolved.
What is needed is an improved user interface that permits a user to customize the user interface to be able to select the data of interest. What is further needed is a user interface that is modified in real-time as the underlying data set changes.