Interactive Detection of Network Anomalies Via Coordinated Multiple Views

Date Added: Sep 2010
Format: PDF

This paper presents a new approach to intrusion detection that supports the identification and analysis of network anomalies using an interactive Coordinated Multiple Views (CMV) mechanism. A CMV visualization consisting of a node-link diagram, scatterplot, and time histogram is described that allows interactive analysis from different perspectives, as some network anomalies can only be identified through joint features in the provided spaces. Spectral analysis methods are integrated to provide visual cues that allow identification of malicious nodes.