Intelligent classification and visualization of network scans

C. Muelder, L. Chen, R. Thomason, Kwan-Liu Ma, T. Bartoletti

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

Network scans are a common first step in a network intrusion attempt. In order to gain information about a potential network intrusion, it is beneficial to analyze these network scans. Statistical methods such as wavelet scalogram analysis have been used along with visualization techniques in previous methods. However, applying these statistical methods causes a substantial amount of data loss. This paper presents a study of using associative memory learning techniques to directly compare network scans in order to create a classification which can be used by itself or in conjunction with existing visualization techniques to better characterize the sources of these scans. This produces an integrated system of visual and intelligent analysis which is applicable to real world data.

Original languageEnglish (US)
Title of host publicationVizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security
Pages237-253
Number of pages17
StatePublished - Dec 1 2008
Event4th International Workshop on Computer Security, VizSec 2007 - Sacramento, CA, United States
Duration: Oct 29 2007Oct 29 2007

Other

Other4th International Workshop on Computer Security, VizSec 2007
CountryUnited States
CitySacramento, CA
Period10/29/0710/29/07

Fingerprint

Statistical methods
Visualization
Wavelet analysis
Data storage equipment

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Muelder, C., Chen, L., Thomason, R., Ma, K-L., & Bartoletti, T. (2008). Intelligent classification and visualization of network scans. In VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security (pp. 237-253)

Intelligent classification and visualization of network scans. / Muelder, C.; Chen, L.; Thomason, R.; Ma, Kwan-Liu; Bartoletti, T.

VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. 2008. p. 237-253.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Muelder, C, Chen, L, Thomason, R, Ma, K-L & Bartoletti, T 2008, Intelligent classification and visualization of network scans. in VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. pp. 237-253, 4th International Workshop on Computer Security, VizSec 2007, Sacramento, CA, United States, 10/29/07.
Muelder C, Chen L, Thomason R, Ma K-L, Bartoletti T. Intelligent classification and visualization of network scans. In VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. 2008. p. 237-253
Muelder, C. ; Chen, L. ; Thomason, R. ; Ma, Kwan-Liu ; Bartoletti, T. / Intelligent classification and visualization of network scans. VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security. 2008. pp. 237-253
@inproceedings{427c3602a98c49f881164759d1cffafa,
title = "Intelligent classification and visualization of network scans",
abstract = "Network scans are a common first step in a network intrusion attempt. In order to gain information about a potential network intrusion, it is beneficial to analyze these network scans. Statistical methods such as wavelet scalogram analysis have been used along with visualization techniques in previous methods. However, applying these statistical methods causes a substantial amount of data loss. This paper presents a study of using associative memory learning techniques to directly compare network scans in order to create a classification which can be used by itself or in conjunction with existing visualization techniques to better characterize the sources of these scans. This produces an integrated system of visual and intelligent analysis which is applicable to real world data.",
author = "C. Muelder and L. Chen and R. Thomason and Kwan-Liu Ma and T. Bartoletti",
year = "2008",
month = "12",
day = "1",
language = "English (US)",
isbn = "9783540782421",
pages = "237--253",
booktitle = "VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security",

}

TY - GEN

T1 - Intelligent classification and visualization of network scans

AU - Muelder, C.

AU - Chen, L.

AU - Thomason, R.

AU - Ma, Kwan-Liu

AU - Bartoletti, T.

PY - 2008/12/1

Y1 - 2008/12/1

N2 - Network scans are a common first step in a network intrusion attempt. In order to gain information about a potential network intrusion, it is beneficial to analyze these network scans. Statistical methods such as wavelet scalogram analysis have been used along with visualization techniques in previous methods. However, applying these statistical methods causes a substantial amount of data loss. This paper presents a study of using associative memory learning techniques to directly compare network scans in order to create a classification which can be used by itself or in conjunction with existing visualization techniques to better characterize the sources of these scans. This produces an integrated system of visual and intelligent analysis which is applicable to real world data.

AB - Network scans are a common first step in a network intrusion attempt. In order to gain information about a potential network intrusion, it is beneficial to analyze these network scans. Statistical methods such as wavelet scalogram analysis have been used along with visualization techniques in previous methods. However, applying these statistical methods causes a substantial amount of data loss. This paper presents a study of using associative memory learning techniques to directly compare network scans in order to create a classification which can be used by itself or in conjunction with existing visualization techniques to better characterize the sources of these scans. This produces an integrated system of visual and intelligent analysis which is applicable to real world data.

UR - http://www.scopus.com/inward/record.url?scp=84890908426&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84890908426&partnerID=8YFLogxK

M3 - Conference contribution

SN - 9783540782421

SP - 237

EP - 253

BT - VizSEC 2007 - Proceedings of the Workshop on Visualization for Computer Security

ER -