Data mining-based integrated network traffic visualization framework for threat detection

  • Original Article
  • Neural Computing and Applications

Abstract

In today's fast-moving, high-volume digital world, detecting and reporting threats quickly enough for rapid action is a challenging job. The present study offers a strong and viable solution for countering network security threats by applying data mining techniques and presenting the results through visual graphical representation. It proposes a novel approach named the ‘integrated network traffic visualization system’. The framework is based on data mining and demonstrates two new visualization schemes, called Grid and Platter. According to the framework's results, the Grid view can display network traffic in different classified grids based on application layer protocols. The Platter view visualizes campus area wireless network traffic on a single screen that adjusts automatically to the network size. These schemes are significantly effective for identifying and monitoring compromised machines, and they cut down reaction time.

Acknowledgments

We are thankful to the CITM Department of Thapar University, Patiala, India, for allowing the testing of INTVS.

Author information

Corresponding author

Correspondence to Amit Kumar Bhardwaj.

About this article

Cite this article

Bhardwaj, A.K., Singh, M. Data mining-based integrated network traffic visualization framework for threat detection. Neural Comput & Applic 26, 117–130 (2015). https://doi.org/10.1007/s00521-014-1701-2

  • DOI: https://doi.org/10.1007/s00521-014-1701-2
