A new concentric-circle visualization of multi-dimensional data and its application in network security

Fu Lu, L; Wan Zhang, J; Lin Huang, M; Fu, L

A new concentric-circle visualization of multi-dimensional data and its application in network security

Fu Lu, L Wan Zhang, J Lin Huang, M

Fu, L

Permalink

Publication Type:: Journal Article
Citation:: Journal of Visual Languages and Computing, 2010, 21 (4), pp. 194 - 208
Issue Date:: 2010-08-01

Closed Access

	Filename	Description	Size
	2009007684OK.pdf		1.49 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Fu Lu, L	en_US
dc.contributor.author	Wan Zhang, J	en_US
dc.contributor.author	Lin Huang, M https://orcid.org/0000-0002-6896-6480	en_US
dc.contributor.author	Fu, L	en_US
dc.date.issued	2010-08-01	en_US
dc.identifier.citation	Journal of Visual Languages and Computing, 2010, 21 (4), pp. 194 - 208	en_US
dc.identifier.issn	1045-926X	en_US
dc.identifier.uri	http://hdl.handle.net/10453/13490
dc.description.abstract	With the rapid growth of networked data communications in size and complexity, network administrators today are facing more challenges to protect their networked computers and devices from all kinds of attacks. This paper proposes a new concentric-circle visualization method for visualizing multi-dimensional network data. This method can be used to identify the main features of network attacks, such as DDoS attack, by displaying their recognizable visual patterns. To reduce the edge overlaps and crossings, we arrange multiple axes displayed as concentric circles rather than the traditional parallel lines. In our method, we use polycurves to link values (vertexes) rather than polylines used in parallel coordinate approach. Some heuristics are applied in our new method in order to improve the readability of views. We discuss the advantages as well as the limitations of our new method. In comparison with the parallel coordinate visualization, our approach can reduce more than 15% of the edge overlaps and crossings. In the second stage of the method, we have further enhanced the readability of views by increasing the edge crossing angle. Finally, we introduce our prototype system: a visual interactive network scan detection system called CCScanViewer. It is based on our new visualization approach and the experiments have showed that the new approach is effective in detecting attack features from a variety of networking patterns, such as the features of network scans and DDoS attacks. © 2010 Elsevier Ltd.	en_US
dc.relation.ispartof	Journal of Visual Languages and Computing	en_US
dc.relation.isbasedon	10.1016/j.jvlc.2010.05.002	en_US
dc.subject.classification	Software Engineering	en_US
dc.title	A new concentric-circle visualization of multi-dimensional data and its application in network security	en_US
dc.type	Journal Article
utslib.citation.volume	4	en_US
utslib.citation.volume	21	en_US
utslib.for	1702 Cognitive Sciences	en_US
utslib.for	0803 Computer Software	en_US
utslib.for	0801 Artificial Intelligence and Image Processing	en_US
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Computer Science
pubs.organisational-group	/University of Technology Sydney/Strength - INEXT - Innovation in IT Services and Applications
utslib.copyright.status	closed_access
pubs.issue	4	en_US
pubs.publication-status	Published	en_US
pubs.volume	21	en_US

Abstract:

With the rapid growth of networked data communications in size and complexity, network administrators today are facing more challenges to protect their networked computers and devices from all kinds of attacks. This paper proposes a new concentric-circle visualization method for visualizing multi-dimensional network data. This method can be used to identify the main features of network attacks, such as DDoS attack, by displaying their recognizable visual patterns. To reduce the edge overlaps and crossings, we arrange multiple axes displayed as concentric circles rather than the traditional parallel lines. In our method, we use polycurves to link values (vertexes) rather than polylines used in parallel coordinate approach. Some heuristics are applied in our new method in order to improve the readability of views. We discuss the advantages as well as the limitations of our new method. In comparison with the parallel coordinate visualization, our approach can reduce more than 15% of the edge overlaps and crossings. In the second stage of the method, we have further enhanced the readability of views by increasing the edge crossing angle. Finally, we introduce our prototype system: a visual interactive network scan detection system called CCScanViewer. It is based on our new visualization approach and the experiments have showed that the new approach is effective in detecting attack features from a variety of networking patterns, such as the features of network scans and DDoS attacks. © 2010 Elsevier Ltd.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/13490