By Topic

Multi-dimensional visualization for network forensic analysis

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Promrit, N. ; Fac. of Inf. Technol., King Mongkut''s Univ. of Technol. North Bangkok, Bangkok, Thailand ; Mingkhwan, A. ; Simcharoen, S. ; Namvong, N.

This research studies the offense on a computer network with multiple dimensions of network traffic and logs using parallel coordinates to show relationships of various parameters such as user, source ip address, time, destination ip address, destination service and domain name. The aim is to test the hypothesis that this technique is able to identify patterns of attacks and the behavior of offenders. Initially the attacks were simulated by creating text file dataset. The results of the experiment showed that (i) Attacked signatures are various depending on the situation of attack. (ii) Analyst can observe the attacks obviously in details. In addition, researchers proposed-user investigations with visualization time machine for network forensic (UIV) as a tool for analyzing the behavior on a computer network, the results also showed that (iii) it is possible to track an individual's behavior using this tool.

Published in:

Networked Computing (INC), 2011 The 7th International Conference on

Date of Conference:

26-28 Sept. 2011