Title :
Real-time visualization of network attacks on high-speed links
Author :
Kim, Hyogon ; Kang, Inhye ; Bahk, Saewoong
Author_Institution :
Korea Univ., Seoul, South Korea
Abstract :
This article shows that malicious traffic flows such as denial-of-service attacks and various scanning activities can be visualized in an intuitive manner. A simple but novel idea of plotting a packet using its source IP address, destination IP address, and the destination port in a 3-dimensional space graphically reveals ongoing attacks. Leveraging this property, combined with the fact that only three header fields per each packet need to be examined, a fast attack detection and classification algorithm can be devised.
Keywords :
IP networks; data visualisation; real-time systems; telecommunication links; telecommunication security; telecommunication traffic; IP address; attack classification algorithm; attack detection algorithm; denial-of-service attacks; high-speed links; legitimate signatures; malicious traffic flows; network attacks; real-time visualization; Bandwidth; Computer crime; Computer hacking; Costs; Floods; Network servers; Probes; Spine; Telecommunication traffic; Visualization;
Journal_Title :
Network, IEEE
DOI :
10.1109/MNET.2004.1337733
