3D Network Traffic Monitoring Based on an Automatic Attack Classifier

  • Conference paper
Computational Science and Its Applications – ICCSA 2014 (ICCSA 2014)

Abstract

In recent years, the exponential growth of computer networks has created an incredible increase in network data traffic. Managing it has become a challenging task that requires continuous monitoring of the network to detect, diagnose and fix problems and to optimize performance. Tools such as Tcpdump and Snort are commonly used for network sniffing, logging and analysis on a dedicated host or network segment. They capture the traffic and analyze it for suspicious usage patterns, such as those that normally occur with port scans or denial-of-service attacks. These tools are very important for network management, but they do not take advantage of the human cognitive capacity for learning and pattern recognition. To overcome this limitation, this paper aims to present a visual, interactive, multiprojection 3D tool with automatic data classification for attack detection.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Dias, D.R.C., Brega, J.R.F., Trevelin, L.C., Gnecco, B.B., Papa, J.P., de Paiva Guimarães, M. (2014). 3D Network Traffic Monitoring Based on an Automatic Attack Classifier. In: Murgante, B., et al. Computational Science and Its Applications – ICCSA 2014. ICCSA 2014. Lecture Notes in Computer Science, vol 8580. Springer, Cham. https://doi.org/10.1007/978-3-319-09129-7_26

  • DOI: https://doi.org/10.1007/978-3-319-09129-7_26

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-09128-0

  • Online ISBN: 978-3-319-09129-7

  • eBook Packages: Computer Science, Computer Science (R0)
