Abstract

The security data generated in today's networks are large-scale, heterogeneous, and rapidly changing. As a result, traditional methods fail to meet the needs of security data analysis. This paper proposes the labelled treemap to visually fuse multi-source network security logs. Firstly, data sources are classified by their collection locations, and the objects of security data are taken from three different layers. Secondly, to solve the problem of the treemap's insufficient attribute dimensions, glyphs are adopted to broaden the representation scope, which enables data-level fusion on the labelled treemap. Finally, by choosing an appropriate feature extraction algorithm for the multi-source data, feature-level fusion is conducted on time-series diagrams, which can represent the network security situation. Analyses of the network security datasets from VAST Challenge 2013 show that this method offers substantial advantages, helping network analysts to better understand the network security situation, identify anomalies, discover attack patterns, remove false positives, etc.
