Paper Info
Title
A real-time network security visualization system based on incremental learning (ChinaVis 2018)
Abstract
The real-time analysis of network data is of great significance to network security. Visualization technology and machine learning can assist in network data analysis from different aspects. However, there is little research regarding combining these two methods to process real-time network data. This paper proposes a novel real-time network security system. Combining unsupervised learning and visualization technology, it can identify network behavior patterns and provide a visualization module to adjust models interactively. The system is primarily divided into three parts. In the feature extraction part, we train a deep auto-encoder to compress the feature dimension. In the behavior pattern recognition part, normal and abnormal pattern SOINNs are trained incrementally. In visualization part, analysts can use multiple views to judge recognition results rapidly and adjust models so that the identification accuracy can be increased. We use the data in VAST Challenge 2013 to show that our system can identify network behavior patterns in real time and find the correlations between them.
Year
DOI
Venue
2019
10.1007/s12650-018-0525-z
Journal of Visualization
Keywords
Field
DocType
Real-time analysis,Network security visualization,Machine learning,Incremental learning,Pattern recognition
Visualization,Incremental learning,Real time analysis,Real time networks,Artificial intelligence,Classical mechanics,Physics
Journal
Volume
Issue
ISSN
22.0
1.0
1875-8975
Citations 
PageRank 
References 
1
0.37
10
Authors
3
Name
Order
Citations
PageRank
Xin Fan1776104.55
Chenlu Li284.52
Xiaoju Dong365.18