Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)

Abstract

This paper treats network data visualization using Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes and such multiple attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for the intrusion detection. 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines those represent four dimensional (four attributes) data drawn from one (2D of two attributes) plane to the other (2D of the other two attributes) plane in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source Port, and destination Port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for the intrusion detection.

Original languageEnglish
Title of host publicationProceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
Pages1088-1093
Number of pages6
DOIs
Publication statusPublished - Aug 19 2013
Event27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013 - Barcelona, Spain
Duration: Mar 25 2013Mar 28 2013

Publication series

NameProceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013

Other

Other27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
CountrySpain
CityBarcelona
Period3/25/133/28/13

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications

Fingerprint Dive into the research topics of 'Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection'. Together they form a unique fingerprint.

  • Cite this

    Okada, Y. (2013). Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection. In Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013 (pp. 1088-1093). [6550540] (Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013). https://doi.org/10.1109/WAINA.2013.185