Manifold learning visualization of network traffic data

Authors:
Neal Patwari;Alfred O. Hero, III;Adam Pacholski
Affiliations:
University of Michigan, Ann Arbor, MI;University of Michigan, Ann Arbor, MI;University of Michigan, Ann Arbor, MI
Venue:
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Year:
2005

Citing 9
Cited 9

Color indexing

International Journal of Computer Vision
Dynamic multidimensional histograms

Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Automatically inferring patterns of resource consumption in network traffic

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
The Spinning Cube of Potential Doom

Communications of the ACM - Wireless sensor networks
Diagnosing network-wide traffic anomalies

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Characterization of network-wide anomalies in traffic flows

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
NVisionIP: netflow visualizations of system state for security situational awareness

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
The OSU Flow-tools Package and CISCO NetFlow Logs

LISA '00 Proceedings of the 14th USENIX conference on System administration
FlowScan: A Network Traffic Flow Reporting and Visualization Tool

LISA '00 Proceedings of the 14th USENIX conference on System administration

Extracting hidden anomalies using sketch and non Gaussian multiresolution statistical detection procedures

Proceedings of the 2007 workshop on Large scale attack defense
Mining and visualising wireless sensor network data

International Journal of Sensor Networks
Anomaly detection using manifold embedding and its applications in transportation corridors

Intelligent Data Analysis - Knowledge Discovery from Data Streams
Network stack diagnosis and visualization tool

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Use of dimensionality reduction for intrusion detection

ICISS'07 Proceedings of the 3rd international conference on Information systems security
Properties and Evolution of Internet Traffic Networks from Anonymized Flow Data

ACM Transactions on Internet Technology (TOIT)
ASAP: automatic semantics-aware analysis of network payloads

PSDML'10 Proceedings of the international ECML/PKDD conference on Privacy and security issues in data mining and machine learning
A novel gait recognition analysis system based on body sensor networks for patients with Parkinson's disease

International Journal of Communication Networks and Distributed Systems
Review: A survey of network flow applications

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.03

Visualization

Abstract

When traffic anomalies or intrusion attempts occur on the network, we expect that the distribution of network traffic will change. Monitoring the network for changes over time, across space (at various routers in the network), over source and destination ports, IP addresses, or AS numbers, is an important part of anomaly detection. We present a manifold learning (ML)-based tool for the visualization of large sets of data which emphasizes the unusually small or large correlations that exist within the data set. We apply the tool to display anomalous traffic recorded by NetFlow on the Abilene backbone network. Furthermore, we present an online Java-based GUI which allows interactive demonstration of the use of the visualization method.