21 May 2013 On detection and visualization techniques for cyber security situation awareness
Networking technologies are exponentially increasing to meet worldwide communication requirements. The rapid growth of network technologies and perversity of communications pose serious security issues. In this paper, we aim to develop an integrated network defense system with situation awareness capabilities to present useful information to human analysts. In particular, we implement a prototypical system that includes both distributed passive and active network sensors and traffic visualization features, such as 1D, 2D and 3D based network traffic displays. To effectively detect attacks, we also implement algorithms to transform real-world data of IP addresses into images and study the pattern of attacks, and we use both a discrete wavelet transform (DWT) based scheme and a statistical based scheme to detect attacks. Through an extensive simulation study, our data validate the effectiveness of our implemented defense system.
© (2013) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Wei Yu, Shixiao Wei, Dan Shen, Misty Blowers, Erik P. Blasch, Khanh D. Pham, Genshe Chen, Hanlin Zhang, Chao Lu, "On detection and visualization techniques for cyber security situation awareness", Proc. SPIE 8739, Sensors and Systems for Space Applications VI, 87390R (21 May 2013); doi: 10.1117/12.2015887; https://doi.org/10.1117/12.2015887
