Share Email Print

Proceedings Paper

A tri-linear visualization for network anomaly detection
Author(s): Robert B. Whitaker; Robert F. Erbacher
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

This research discusses a novel application of ternary plots to the visualization of network traffic data. These plots prove to be enormously effective at identifying anomalous network activity and can be valuable in monitoring network activity much more efficiently than can be done with existing techniques. The visualization was implemented in our existing visualization infrastructure to reduce development time. Testing was performed on actual network traffic data collected from a local network. Multiple anomalies were easily identifiable within the data set without any prior knowledge as to the contents of the test file. This paper discusses the ternary plot and its application to network traffic data, the formulas needed to calculate and display ternary coordinates, and the basic architecture for the visualization implementation.

Paper Details

Date Published: 24 January 2011
PDF: 12 pages
Proc. SPIE 7868, Visualization and Data Analysis 2011, 78680P (24 January 2011); doi: 10.1117/12.872697
Show Author Affiliations
Robert B. Whitaker, Utah State Univ. (United States)
Robert F. Erbacher, Northwest Security Institute (United States)

Published in SPIE Proceedings Vol. 7868:
Visualization and Data Analysis 2011
Pak Chung Wong; Jinah Park; Ming C. Hao; Chaomei Chen; Katy Börner; David L. Kao; Jonathan C. Roberts, Editor(s)

© SPIE. Terms of Use
Back to Top