Direct Manipulation of Parallel Coordinates
IV '00 Proceedings of the International Conference on Information Visualisation
ACM SIGCOMM Computer Communication Review
Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Parallel Coordinates: Visual Multidimensional Geometry and Its Applications
Parallel Coordinates: Visual Multidimensional Geometry and Its Applications
Learning-based anomaly detection in BGP updates
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
An internet routing forensics framework for discovering rules of abnormal BGP events
ACM SIGCOMM Computer Communication Review
A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Toward a Deeper Understanding of the Role of Interaction in Information Visualization
IEEE Transactions on Visualization and Computer Graphics
BGPeep: An IP-Space Centered View for Internet Routing Data
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Combining similarity measures in content-based image retrieval
Pattern Recognition Letters
Threshold-optimized decision-level fusion and its application to biometrics
Pattern Recognition
BGP-lens: patterns and anomalies in internet routing updates
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
An Online Mechanism for BGP Instability Detection and Analysis
IEEE Transactions on Computers
Hi-index | 0.00 |
This paper presents BGPfuse, a scheme for visualizing and exploring BGP (Border Gateway Protocol) path change anomalies. BGPfuse uses a set of BGP features that are capable of quantifying the degree of anomaly of each path change event. Moreover, visual methods are introduced for performing the efficient fusion of these multiple features. The exploitation of the human perception, allows to overcome the static-nature of the existing weight-based fusion approaches. A Parallel Coordinates approach is used to visualize these features, which is further enhanced with filtering capabilities, so as to discriminate between normal and abnormal events. BGPfuse uses multiple linked graph views so as to represent in depth the relationships among the involved Autonomous Systems (ASes), as well as a combined graph view to highlight structural similarities between all the individual feature graphs. The structural similarities as well as the filtering capabilities provided by BGPfuse, enable the analyst to perform visual fusion of the BGP features, so as to detect any suspicious behavior and focus only in the most interesting cases. Experimental demonstration of BGPfuse, shows the analytical potential of the proposed approach by decisively capturing malicious BGP hijacking events.