Abstract
In today's fast-moving, high-volume digital world, detecting and reporting threats quickly enough for rapid action is a challenging job. The present study offers a strong and viable solution for addressing different network security threats, using data mining approaches and techniques together with visual graphical representation. It explains and proposes a novel approach named the ‘integrated network traffic visualization system’. The framework is operational, is based on data mining, and demonstrates two new visualization schemes: Grid and Platter. According to the framework's results, the Grid view is capable of displaying network traffic in different classified grids, based on application layer protocols. The Platter view visualizes campus area wireless network traffic on a single screen that adjusts automatically to network size. These schemes are significantly effective for identifying and monitoring compromised machines, and they cut down reaction time.
Acknowledgments
We are thankful to the CITM Department of Thapar University, Patiala, India, for allowing the testing of INTVS.
Cite this article
Bhardwaj, A.K., Singh, M. Data mining-based integrated network traffic visualization framework for threat detection. Neural Comput & Applic 26, 117–130 (2015). https://doi.org/10.1007/s00521-014-1701-2
DOI: https://doi.org/10.1007/s00521-014-1701-2