Neural Computing and Applications, Volume 26, Issue 1, pp 117–130

Data mining-based integrated network traffic visualization framework for threat detection

Original Article

Abstract

In today's fast-moving, high-volume digital world, detecting and reporting threats quickly enough for rapid action is a challenging job. The present study deals with a strong and viable solution for overcoming different network security threats, using data mining approaches and techniques together with visual graphical representation. The study explains and proposes a novel approach named the ‘integrated network traffic visualization system’. The framework is working and based on data mining, and it demonstrates two new visualization schemes called Grid and Platter. Per the framework's results, the Grid view is capable of displaying network traffic in different classified grids, based on application layer protocols. Additionally, the Platter view visualizes campus area wireless network traffic on a single screen that adjusts automatically to the network size. These schemes are significantly effective at identifying and monitoring compromised machines, and they cut down reaction time.

Keywords

Data mining, Grid view, Integrated network traffic visualization system, Platter view


Copyright information

© The Natural Computing Applications Forum 2014

Authors and Affiliations

  1. L.M. Thapar School of Management, Thapar University, Patiala, India
  2. Computer Science Engineering Department, Thapar University, Patiala, India
