Sciweavers

PST
2004

A novel visualization technique for network anomaly detection

14 years 1 months ago
A novel visualization technique for network anomaly detection
Visualized information is a technique that can encode large amounts of complex interrelated data, being at the same time easily quantified, manipulated, and processed by a human user. Our aim is to develop a novel graphical technique for network traffic visualization that will easily highlight anomalies that can arise within the network. In our work we are exclusively concerned with all the information that can be extracted at the network layer (e.g., from the TCP/IP datagram). We choose to use the Darpa 1999 database given the fact that all the intrusions are labeled and we can easily observe the visualization behavior while the network is under attack. Although applied to a dataset, the visualization technique can work on-line in a network because it only uses data that can be extracted in a real-time manner. Experiments show our visualization technique to be a good medium when trying to identify possible anomalies of the network such as: DoS types of attacks (e.g., Smurf and Mailbom...
Iosif-Viorel Onut, Bin Zhu, Ali A. Ghorbani
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where PST
Authors Iosif-Viorel Onut, Bin Zhu, Ali A. Ghorbani
Comments (0)