Visualizing Network Traffic as Images for Network Anomaly Detection
Samabia Tehsin, and Dr. Shoab Ahmed Khan, and Naveed Sarfraz Khattak, (2007) Visualizing Network Traffic as Images for Network Anomaly Detection. In: Research Excellence and Knowledge Enrichment in ICT: Proceeding of the 2nd International Conference on Informatics, 27th - 28th November 2007, Petaling Jaya, Selangor, Malaysia.
Full text not available from this repository.
National University of Science & Technology, Military College of Signals, Computer Science Dept.
National University of Science & Technology, College of Electrical & Mechanical Engineering, Computer Engineering Dept.
This paper presents novel methodology to visualize network traffic. In this paper, method of transforming network packet header data to image is proposed. Methodology to detect anomalies from these images is also projected. This method can be used for real time anomaly detection and intrusion detection. Images can be processed in a number of ways to extract information from it. This formulation enables techniques from image processing to be applied to the analysis of packet header data to reveal interesting properties of traffic. Network anomaly detection systems can also take help from these processes. This method can detect anomalies in an efficient manner and can be used as the basis of number of new anomaly detection methods. Analysis of results of intrusion detection is also presented. This methodology is evaluated using MIT Lincoln Laboratory 1999 DARPA Off-Line Intrusion Detection Evaluation dataset. Our focus here is to develop an innovative technique for network packet header visualization that will highlight the features of the network data most vulnerable to intrusions. Our approach is compared against ALAD and PHAD techniques and results are reported.
|Item Type:||Conference or Workshop Item (Paper)|
|Keywords:||Intrusion detection, network traffic visualization, denial of service, probes.|
Repository Staff Only: item control page