Evaluating visualization approaches to detect abnormal activities in network traffic data

  • Regular Contribution
International Journal of Information Security

Abstract

Designing innovative approaches to detect intrusive network activities is considered one of the most significant research topics in network security. Various computational methods have been proposed to discover unknown attacks, but validating suspicious activities and understanding their unique characteristics remain difficult. To address this limitation, several visualization systems have been designed that aim to enhance the ability to understand data visually. However, the effectiveness of visualization techniques for network traffic data analysis has not been fully examined. In this paper, we performed an in-depth literature review of visualization techniques for network traffic data analysis. From the review, we identified four key approaches that should be utilized in designing an effective network traffic visualization system: data filtration and transformation, pixel-based visualization, graph representation, and coordinated multi-views. To determine the effectiveness of the four visualization approaches, we developed several prototype visualizations and examined the complexity of implementation, requirement of data preprocessing, understandability of network patterns, and identifiability of abnormal network events.



Acknowledgements

The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Office or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation herein.

Funding

Research was sponsored by the Army Research Office and was accomplished under Grant Number W911NF-18-1-0460.

Author information

Corresponding author

Correspondence to Dong Hyun Jeong.

Ethics declarations

Conflict of interest

Author Soo-Yeon Ji declares that she has no conflict of interest. Author Bong-Keun Jeong declares that he has no conflict of interest. Author Dong Hyun Jeong declares that he has no conflict of interest.

Ethical approval

This article does not contain any studies with human participants performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Ji, SY., Jeong, BK. & Jeong, D.H. Evaluating visualization approaches to detect abnormal activities in network traffic data. Int. J. Inf. Secur. 20, 331–345 (2021). https://doi.org/10.1007/s10207-020-00504-9

  • DOI: https://doi.org/10.1007/s10207-020-00504-9
