Interactive Detection of Network Anomalies Via Coordinated Multiple Views

This paper presents a new approach to intrusion detection that supports the identification and analysis of network anomalies using an interactive Coordinated Multiple Views (CMV) mechanism. A CMV visualization consisting of a node-link diagram, scatterplot, and time histogram is described that allows interactive analysis from different perspectives, as some network anomalies can only be identified through joint features in the provided spaces. Spectral analysis methods are integrated to provide visual cues that allow identification of malicious nodes.

Provided by: Association for Computing Machinery Topic: Security Date Added: Sep 2010 Format: PDF

Find By Topic