Abstract
With the rapid growth of networks in size and complexity, network administrators face more and more challenges in protecting their networked computers and other devices from all kinds of attacks. Unlike traditional methods that analyze textual log data, this paper proposes a visual interactive system called DDoSViewer, designed specifically for detecting DDoS attacks through the analysis of visual patterns. We discuss the data sources, visual structures and interactive functions used in the proposed visualization system, as well as the advantages and disadvantages of the existing visual solutions for DDoS detection. The new visualization technique covers the extraction and analysis of network data, the calculation and display of graphic elements’ attributes, and the pre-characteristics of DDoS attacks. The experiments showed that the new system can detect DDoS attacks effectively.
Acknowledgments
This work has been supported by National Natural Science Foundation of China under Grant No.60673196; the Natural Science Foundation of Tianjin, P.R. of China, under Grant No. 07F2030.
Copyright information
© 2009 Springer-Verlag US
About this paper
Cite this paper
Zhang, J., Yang, G., Lu, L., Huang, M., Che, M. (2009). A Novel Visualization Method for Detecting DDoS Network Attacks. In: Huang, M., Nguyen, Q., Zhang, K. (eds) Visual Information Communication. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-0312-9_12
DOI: https://doi.org/10.1007/978-1-4419-0312-9_12
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-0311-2
Online ISBN: 978-1-4419-0312-9
eBook Packages: Computer Science, Computer Science (R0)