ISCAS OpenIR
Bridging the gap of network management and anomaly detection through interactive visualization
Zhang, Tao (1); Liao, Qi (1); Shi, Lei (2)
2014
Conference Name: 2014 7th IEEE Pacific Visualization Symposium, PacificVis 2014
Pages: 253-257
Conference Date: March 4, 2014 - March 7, 2014
Conference Place: Yokohama, Kanagawa, Japan
Indexed Type: EI
Publish Place: IEEE Computer Society
ISSN: 21658765
ISBN: 9781479928736
Department: (1) Department of Computer Science, Central Michigan University, United States; (2) State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, China
English Abstract: Large-scale networks have become increasingly challenging to manage. It is vital for a system administrator or network manager to be able to analyze the vast amount of log data in order to detect suspicious behaviors or patterns, possibly due to malicious users/applications or faulty devices. While an intrusion detection system (IDS) log can provide a large number of warnings, exactly which alarms are true while the others are false, and more importantly what are the underlying causes are still difficult to know. To bridge the gap between network log and anomaly discovery, we design and implement a visualization tool that combines multiple commodity visualizations with minimum learning curve. While each individual view is well understood, the effects of such views in analyzing network anomalies are not well studied. Since each visualization technique has advantages as well as limitations in addressing a particular task, we show that these views, when combined and linked together, may provide an effective and lightweight network anomaly analysis tool. The web-based open platform may simplify network administration as well as promote collaborative analysis among researchers. © 2014 IEEE.
Language: English
Content Type: Conference paper
URI: http://ir.iscas.ac.cn/handle/311060/16634
Collection: Institute of Software, Chinese Academy of Sciences
Recommended Citation (GB/T 7714):
Zhang, Tao; Liao, Qi; Shi, Lei. Bridging the gap of network management and anomaly detection through interactive visualization[C]. IEEE Computer Society, 2014: 253-257.
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.