Abstract
Intrusion Detection Systems (IDS) have received attention as a means of dealing with illegal access to networks. However, an IDS has a critical problem: it outputs a tremendous number of logs. Analyzing these logs places a heavy load on the network manager. In this paper, we propose a novel IDS visualization system that considers the order relation of IP addresses and emphasizes anomalous warning events based on past tendency.
Rights and permissions
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/), which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited.
About this article
Cite this article
Kimura, S., Inaba, H. An IDS Visualization System for Anomalous Warning Events. Int J Netw Distrib Comput 2, 45–53 (2014). https://doi.org/10.2991/ijndc.2014.2.1.5
DOI: https://doi.org/10.2991/ijndc.2014.2.1.5