TY - GEN
T1 - Network data visualization using parallel coordinates version of time-tunnel with 2dto2d visualization for intrusion detection
AU - Okada, Yoshihiro
PY - 2013
Y1 - 2013
N2 - This paper treats network data visualization using the Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool, and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes, and such multiple-attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for intrusion detection. The 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines that represent four-dimensional (four-attribute) data, drawn from one plane (2D of two attributes) to the other plane (2D of the other two attributes) in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source port, and destination port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for intrusion detection.
AB - This paper treats network data visualization using the Parallel Coordinates version of Time-tunnel (PCTT) for intrusion detection. Originally, Time-tunnel is a multidimensional data visualization tool, and its Parallel Coordinates version provides the functionality of Parallel Coordinates visualization. It can be used for the visualization of network data because IP packet data have many attributes, and such multiple-attribute data can be visualized using Parallel Coordinates. In this paper, the authors propose the combinatorial use of PCTT and 2Dto2D visualization functionality for intrusion detection. The 2Dto2D visualization functionality, whose concept is originally derived from nicter Cube, displays multiple lines that represent four-dimensional (four-attribute) data, drawn from one plane (2D of two attributes) to the other plane (2D of the other two attributes) in a 3D space. This 2Dto2D visualization functionality was introduced to PCTT. Network attacks have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source port, and destination port. So, 2Dto2D visualization is useful for detecting such access patterns. In this paper, the authors show several network attack patterns visualized using PCTT with 2Dto2D visualization as examples for intrusion detection.
UR - http://www.scopus.com/inward/record.url?scp=84881437120&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84881437120&partnerID=8YFLogxK
U2 - 10.1109/WAINA.2013.185
DO - 10.1109/WAINA.2013.185
M3 - Conference contribution
AN - SCOPUS:84881437120
SN - 9780769549521
T3 - Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
SP - 1088
EP - 1093
BT - Proceedings - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
T2 - 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013
Y2 - 25 March 2013 through 28 March 2013
ER -