A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
The Spinning Cube of Potential Doom
Communications of the ACM - Wireless sensor networks
Characteristics of internet background radiation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
IDGraphs: Intrusion Detection and Analysis Using Histographs
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Closing-the-Loop in NVisionIP: Integrating Discovery and Search in Security Visualizations
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
InetVis, a visual tool for network telescope traffic analysis
AFRIGRAPH '06 Proceedings of the 4th international conference on Computer graphics, virtual reality, visualisation and interaction in Africa
Focusing on Context in Network Traffic Analysis
IEEE Computer Graphics and Applications
Traffic data repository at the WIDE project
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
WebClass: adding rigor to manual labeling of traffic anomalies
ACM SIGCOMM Computer Communication Review
Proceedings of the 2007 workshop on Large scale attack defense
Applied Security Visualization
Applied Security Visualization
An image processing approach to traffic anomaly detection
Proceedings of the 4th Asian Conference on Internet Engineering
Proposing a multi-touch interface for intrusion detection environments
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Uncovering relations between traffic classifiers and anomaly detectors via graph theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
| Hi-index | 0.00 |
Visualization is an intuitive and powerful way of understanding the evolution of huge amounts of network traffic in terms of characterizing network anomalies. We propose an interactive tool to display, explore, and understand network traffic focusing on anomalies. It displays traffic on different temporal and spatial (address and port) scales and lets users navigate network data by using a simple interface. Different graphical representations are used to highlight anomalies quickly, and textual packet information about corresponding plotted points are provided. The proposed tool provides good support for understanding traffic behavior and for evaluating the effectiveness of anomaly detection method. The tool directly reads dump files and uses no intermediate database in daily operations. This paper demonstrates several examples emphasizing specific patterns for various anomalies.