DocumentCode :
614109
Title :
Network Data Visualization Using Parallel Coordinates Version of Time-tunnel with 2Dto2D Visualization for Intrusion Detection
Author :
Okada, Yoshitaka
Author_Institution :
Grad. Sch. of Inf. Sci. & Electr. Eng., Kyushu Univ., Fukuoka, Japan
fYear :
2013
fDate :
25-28 March 2013
Firstpage :
1088
Lastpage :
1093
Abstract :
This paper treats network data visualization using the Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool, and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes, and such multiple-attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combined use of PCTT and 2Dto2D visualization functionality for intrusion detection. The 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines that represent four-dimensional (four-attribute) data, drawn from one plane (2D, two attributes) to the other plane (2D, the other two attributes) in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have certain access patterns strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source port, and destination port, so 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for intrusion detection.
Keywords :
IP networks; computer crime; computer network security; data visualisation; parallel processing; 2Dto2D visualization functionality; IP packet data; PCTT; access pattern; attribute data; destination IP; destination port; four attributes data; four dimensional data; intrusion detection; multidimensional data visualization tool; network attack pattern; network data visualization; parallel coordinates version of time-tunnel; parallel coordinates visualization; source IP; source port; Computers; Data visualization; IP networks; Intrusion detection; Ports (Computers); Radar; Three-dimensional displays; 3D visualization; Parallel Coordinates; Timetunnel; intrusion detection;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Advanced Information Networking and Applications Workshops (WAINA), 2013 27th International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4673-6239-9
Electronic_ISBN :
978-0-7695-4952-1
Type :
conf
DOI :
10.1109/WAINA.2013.185
Filename :
6550540