| کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
|---|---|---|---|---|
| 524478 | 868670 | 2010 | 15 صفحه PDF | دانلود رایگان |
With the rapid growth of networked data communications in size and complexity, network administrators today are facing more challenges to protect their networked computers and devices from all kinds of attacks. This paper proposes a new concentric-circle visualization method for visualizing multi-dimensional network data. This method can be used to identify the main features of network attacks, such as DDoS attack, by displaying their recognizable visual patterns. To reduce the edge overlaps and crossings, we arrange multiple axes displayed as concentric circles rather than the traditional parallel lines. In our method, we use polycurves to link values (vertexes) rather than polylines used in parallel coordinate approach. Some heuristics are applied in our new method in order to improve the readability of views. We discuss the advantages as well as the limitations of our new method. In comparison with the parallel coordinate visualization, our approach can reduce more than 15% of the edge overlaps and crossings. In the second stage of the method, we have further enhanced the readability of views by increasing the edge crossing angle. Finally, we introduce our prototype system: a visual interactive network scan detection system called CCScanViewer. It is based on our new visualization approach and the experiments have showed that the new approach is effective in detecting attack features from a variety of networking patterns, such as the features of network scans and DDoS attacks.
Research Highlights
► A novel geometric coordinate for multi-dimensional visualization is proposed that can reduce the edge crossings in comparison with other traditional coordinates, such as the parallel coordinate.
► It is proved mathematically that in proposed concentric-circle coordinate the number of line crossings can be greatly reduced in comparison with the parallel coordinate.
► A new visual analytics method for detecting DDoS network attacks is proposed and implemented.
Journal: Journal of Visual Languages & Computing - Volume 21, Issue 4, August 2010, Pages 194–208