DocumentCode
614109
Title
Network Data Visualization Using Parallel Coordinates Version of Time-tunnel with 2Dto2D Visualization for Intrusion Detection
Author
Okada, Yoshitaka
Author_Institution
Grad. Sch. of Inf. Sci. & Electr. Eng., Kyushu Univ., Fukuoka, Japan
fYear
2013
fDate
25-28 March 2013
Firstpage
1088
Lastpage
1093
Abstract
This paper treats network data visualization using the Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool, and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes, and such multiple-attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combined use of PCTT and 2Dto2D visualization functionality for intrusion detection. The 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines that represent four-dimensional (four-attribute) data, drawn from one plane (2D of two attributes) to the other plane (2D of the other two attributes) in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have certain access patterns strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source port, and destination port, so 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for intrusion detection.
Keywords
IP networks; computer crime; computer network security; data visualisation; parallel processing; 2Dto2D visualization functionality; IP packet data; PCTT; access pattern; attribute data; destination IP; destination port; four attributes data; four dimensional data; intrusion detection; multidimensional data visualization tool; network attack pattern; network data visualization; parallel coordinates version of time-tunnel; parallel coordinates visualization; source IP; source port; Computers; Data visualization; IP networks; Intrusion detection; Ports (Computers); Radar; Three-dimensional displays; 3D visualization; Parallel Coordinates; Timetunnel; intrusion detection;
fLanguage
English
Publisher
ieee
Conference_Titel
Advanced Information Networking and Applications Workshops (WAINA), 2013 27th International Conference on
Conference_Location
Barcelona
Print_ISBN
978-1-4673-6239-9
Electronic_ISBN
978-0-7695-4952-1
Type
conf
DOI
10.1109/WAINA.2013.185
Filename
6550540