Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)

Abstract

This paper treats network data visualization using Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes and such multiple attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for the intrusion detection. 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines those represent four dimensional (four attributes) data drawn from one (2D of two attributes) plane to the other (2D of the other two attributes) plane in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source Port, and destination Port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for the intrusion detection.

Original languageEnglish
Title of host publicationProceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
Pages1088-1093
Number of pages6
DOIs
Publication statusPublished - 2013
Event27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013 - Barcelona, Spain
Duration: Mar 25 2013Mar 28 2013

Other

Other27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
CountrySpain
CityBarcelona
Period3/25/133/28/13

Fingerprint

Data visualization
Intrusion detection
Tunnels
Visualization

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Okada, Y. (2013). Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection. In Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013 (pp. 1088-1093). [6550540] https://doi.org/10.1109/WAINA.2013.185

Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection. / Okada, Yoshihiro.

Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013. 2013. p. 1088-1093 6550540.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Okada, Y 2013, Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection. in Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013., 6550540, pp. 1088-1093, 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013, Barcelona, Spain, 3/25/13. https://doi.org/10.1109/WAINA.2013.185
Okada Y. Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection. In Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013. 2013. p. 1088-1093. 6550540 https://doi.org/10.1109/WAINA.2013.185
Okada, Yoshihiro. / Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection. Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013. 2013. pp. 1088-1093
@inproceedings{4043e4206fb44b509079619008d2510a,
title = "Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection",
abstract = "This paper treats network data visualization using Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes and such multiple attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for the intrusion detection. 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines those represent four dimensional (four attributes) data drawn from one (2D of two attributes) plane to the other (2D of the other two attributes) plane in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source Port, and destination Port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for the intrusion detection.",
author = "Yoshihiro Okada",
year = "2013",
doi = "10.1109/WAINA.2013.185",
language = "English",
isbn = "9780769549521",
pages = "1088--1093",
booktitle = "Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013",

}

TY - GEN

T1 - Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection

AU - Okada, Yoshihiro

PY - 2013

Y1 - 2013

N2 - This paper treats network data visualization using Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes and such multiple attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for the intrusion detection. 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines those represent four dimensional (four attributes) data drawn from one (2D of two attributes) plane to the other (2D of the other two attributes) plane in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source Port, and destination Port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for the intrusion detection.

AB - This paper treats network data visualization using Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes and such multiple attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for the intrusion detection. 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines those represent four dimensional (four attributes) data drawn from one (2D of two attributes) plane to the other (2D of the other two attributes) plane in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source Port, and destination Port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for the intrusion detection.

UR - http://www.scopus.com/inward/record.url?scp=84881437120&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84881437120&partnerID=8YFLogxK

U2 - 10.1109/WAINA.2013.185

DO - 10.1109/WAINA.2013.185

M3 - Conference contribution

SN - 9780769549521

SP - 1088

EP - 1093

BT - Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013

ER -