Sybil attack detection through global topology pattern visualization

Authors:
Aidong Lu;Weichao Wang;Abhishek Dnyate;Xianlin Hu
Affiliations:
Department of Computer Science, University of North Carolina at Charlotte, North Carolina;Department of Software and Information Systems, University of North Carolina at Charlotte, North Carolina;Department of Computer Science, University of North Carolina at Charlotte, North Carolina;Department of Computer Science, University of North Carolina at Charlotte, North Carolina
Venue:
Information Visualization
Year:
2011

Citing 25
Cited 2

The table lens: merging graphical and symbolic representations in an interactive focus + context visualization for tabular information

CHI '94 Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Semi-automatic generation of transfer functions for direct volume rendering

VVS '98 Proceedings of the 1998 IEEE symposium on Volume visualization
A key-management scheme for distributed sensor networks

Proceedings of the 9th ACM conference on Computer and communications security
Designing Pixel-Oriented Visualization Techniques: Theory and Applications

IEEE Transactions on Visualization and Computer Graphics
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
A Multi-scale Algorithm for the Linear Arrangement Problem

WG '02 Revised Papers from the 28th International Workshop on Graph-Theoretic Concepts in Computer Science
Random Key Predistribution Schemes for Sensor Networks

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
SHARP: an architecture for secure resource peering

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
A pairwise key pre-distribution scheme for wireless sensor networks

Proceedings of the 10th ACM conference on Computer and communications security
The sybil attack in sensor networks: analysis & defenses

Proceedings of the 3rd international symposium on Information processing in sensor networks
Efficient visualization of large routing topologies

International Journal of Network Management
Visualization Handbook

Visualization Handbook
Home-centric visualization of network traffic for security administration

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Generalized Blockmodeling (Structural Analysis in the Social Sciences)

Generalized Blockmodeling (Structural Analysis in the Social Sciences)
Establishing pairwise keys in distributed sensor networks

ACM Transactions on Information and System Security (TISSEC)
Weighted waypoint mobility model and its impact on ad hoc networks

ACM SIGMOBILE Mobile Computing and Communications Review
Secure routing for structured peer-to-peer overlay networks

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
On the establishment of distinct identities in overlay networks

Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
SeRLoc: Robust localization for wireless sensor networks

ACM Transactions on Sensor Networks (TOSN)
Sybilproof reputation mechanisms

Proceedings of the 2005 ACM SIGCOMM workshop on Economics of peer-to-peer systems
Constructing and reconstructing the reorderable matrix

Information Visualization
IDGraphs: Intrusion Detection and Analysis Using Stream Compositing

IEEE Computer Graphics and Applications
Visualizing and Managing Network Topologies via Rectangular Dualization

ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
Visualization assisted detection of sybil attacks in wireless networks

Proceedings of the 3rd international workshop on Visualization for computer security
MatrixExplorer: a Dual-Representation System to Explore Social Networks

IEEE Transactions on Visualization and Computer Graphics

Evaluation of co-located and distributed collaborative visualization

Proceedings of the 5th International Symposium on Visual Information Communication and Interaction
SRNET: a real-time, cross-based anomaly detection and visualization system for wireless sensor networks

Proceedings of the Tenth Workshop on Visualization for Cyber Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a robust intrusion detection approach for wireless networks based on a new multi-matrix visualization method with a set of pattern generation, evaluation, organization and interaction functions. Our approach concentrates on assisting users to analyze statistical network topology patterns that could expose significant attack features. Specifically, we investigate Sybil attacks that have severe impacts on the fundamental operations of wireless networks. We have analyzed the features of network topologies under various Sybil attacks and, consequently, designed several matrix reordering algorithms to generate statistical patterns. These topology patterns are automatically evaluated and classified through the measured structural similarities to the signature attack patterns. We have also designed a new time-series analysis method to identify attack durations with a time histogram generation and an automatic segmentation method. To handle complex Sybil attacks, we have integrated our pattern generation, evaluation and organization methods to construct a prototype detection system, in which specialized interaction functions are provided to assist the analysis and comparison of network data. Simulation results show that this approach can effectively locate Sybil attacks under different combinations of network parameters. Our multi-matrix visualization method provides a flexible framework to handle the intricacies and implications from building a complex visual analytics system, which can be extended to defend against a wide range of attacks. Information Visualization (2011) 10, 32-46. doi:lO. 1057/ivs.2010. I; published online 2 September 2010