Title :
A visualization tool for exploring multi-scale network traffic anomalies
Author :
Fontugne, Romain ; Hirotsu, Toshio ; Fukuda, Kensuke
Author_Institution :
Grad. Univ. for Adv. Studies, Tokyo, Japan
Abstract :
Visualization is an intuitive and powerful way of understanding the evolution of huge amounts of network traffic in terms of characterizing network anomalies. We propose an interactive tool to display, explore, and understand network traffic focusing on anomalies. It displays traffic on different temporal and spatial (address and port) scales and lets users navigate network data by using a simple interface. Different graphical representations are used to highlight anomalies quickly, and textual packet information about corresponding plotted points are provided. The proposed tool provides good support for understanding traffic behavior and for evaluating the effectiveness of anomaly detection method. The tool directly reads dump files and uses no intermediate database in daily operations. This paper demonstrates several examples emphasizing specific patterns for various anomalies.
Keywords :
Internet; data visualisation; telecommunication traffic; Internet; graphical representations; multiscale network traffic anomalies; network data navigation; temporal-spatial scales; textual packet information; visualization tool; Displays; Informatics; Internet; Intrusion detection; Navigation; Remote monitoring; Scattering; Spine; Telecommunication traffic; Visualization;
Conference_Titel :
Performance Evaluation of Computer & Telecommunication Systems, 2009. SPECTS 2009. International Symposium on
Conference_Location :
Istanbul
Print_ISBN :
978-1-4244-4165-5
Electronic_ISBN :
978-1-56555-328-6
