Paper Info
Title
Combining Visualization and Interaction for Scalable Detection of Anomalies in Network Data.
Abstract
This paper examines the application of visualization to identify and analyze sophisticated network attacks. Given the size and chaotic nature of this type of data needing to be analyzed in order to identify such attacks, novel integrations of visualization and interaction are required. Essentially, the design of the visualization technique had to be performed hand in hand with interaction techniques to ensure that should clusters of activity be identified and need analysis then the user would be able to interact with those clusters. This differs from most visualization work which does not allow for such direct manipulation and thus greatly limits the usability of many techniques for this type of data. This paper discusses the developed visualization techniques and present real world data examples in which both injected and actual attacks are identified. This identification required the examination and removal from consideration, activity deemed to be innocuous.
Year
DOI
Venue
2010
10.1080/08874417.2010.11645437
JOURNAL OF COMPUTER INFORMATION SYSTEMS
Keywords
Field
DocType
Visualization,Network Data,Visual Analytics,Computer Security,Sophisticated Attacks
Data mining,Visualization,Computer science,Network data,Scalability
Journal
Volume
Issue
ISSN
50.0
4.0
0887-4417
Citations 
PageRank 
References 
0
0.34
0
Authors
2
Name
Order
Citations
PageRank
Robert F. Erbacher120227.65
Karen A. Forcht26914.04