By Topic

A study of analyzing network traffic as images in real-time

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Seong Soo Kim ; Dept. of Electr. Eng., Texas A&M Univ., College Station, TX, USA ; A. L. N. Reddy

This paper presents NetViewer, a network measurement approach that can simultaneously detect, identify and visualize attacks and anomalous traffic in real-time by passively monitoring packet headers. We propose to represent samples of network packet header data as frames or images. With such a formulation, a series of samples can be seen as a sequence of frames or video. This enables techniques from image processing and video compression to be applied to the packet header data to reveal interesting properties of traffic. We show that "scene change analysis" can reveal sudden changes in traffic behavior or anomalies. We also show that "motion prediction" techniques can be employed to understand the patterns of some of the attacks. We show that it may be feasible to represent multiple pieces of data as different colors of an image enabling a uniform treatment of multidimensional packet header data. We compare NetViewer with classical detection theory based Neyman-Pearson test and an IDS tool.

Published in:

Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies.  (Volume:3 )

Date of Conference:

13-17 March 2005