Performance Evaluation of NPA-VM Using Attack Graph Hierarchical Visualization Approach

  IJETT-book-cover  International Journal of Engineering Trends and Technology (IJETT)
© 2014 by IJETT Journal
Volume-15 Number-6
Year of Publication : 2014
Authors : Abhishek Pipliya , Sachin Chirgaiya
  10.14445/22315381/IJETT-V15P254

Citation 

Abhishek Pipliya , Sachin Chirgaiya. "Performance Evaluation of NPA-VM Using Attack Graph Hierarchical Visualization Approach", International Journal of Engineering Trends and Technology (IJETT), V15(6),282-287 Sep 2014. ISSN:2231-5381. www.ijettjournal.org. published by seventh sense research group

Abstract

Internet attacks are on the rise and pose serious security threats to enterprise networks, commercial websites and to the millions of home internet users. Internet attacks are becoming more potent and complex with time. Network traffic visualization tools have successfully enabled security analysts to understand the nature of traffic present in a network. Conversely, these tools rely mainly on human expertise to discover anomalies in traffic and attack patterns. Human capacity to comprehend massive amounts of time-varying data is limited and network visualization tools need further visual aid to extract interesting patters from such large and complex data sets. Our approach is to search and highlight user-specified graph patterns in network traffic logs[1]. By visualizing a set of simple graph patterns, analysts can put together visual pieces of information conveyed by these smaller patterns and can learn about larger and more complex patterns. Theatrical performance of network traffic pattern in graphic language is visually intuitive, powerful and flexible specification and overcomes the limitation of poor pattern specification formats existing in the current tools. Therefore, our approach gives way to an iterative visual investigation and enables rapid discovery of more sophisticated attack patterns and anomalous features which are otherwise undetectable by standard network traffic visualization tools. [2]

References

[1] E. Bethel, S. Campbell, E. Dart, K. Stockinger, and null Kesheng Wu.Accelerating network traffic analytics using query-driven visualization.Symposium On Visual Analytics Science And Technology, 0:115–122, 2006.
[2] L. P. Cordella, P. Foggia, C. Samson, and M. Veneto. A (sub) graph isomorphism algorithm for matching large graphs. Pattern Analysis and Machine Intelligence, IEEE Transactions on, 26(10):1367–1372,2004.
[3] J. Ellison, E. R. Gansner, E. Koutsofios, S. C. North, and G. Woodhull. Graphviz - open source graph drawing tools. Graph Drawing, pages483–484, 2001.
[4] T. M. J. Fruchterman and E. M. Reingold. Graph drawing by force directed placement. Software: Practice and Experience, 21(11):1129–1164, 1991.
[5] T. M. J. Fruchterman and E. M. Reingold. Graph drawing by force directed placement. Softw. Pract. Expert. 21 (11): 1129–1164, 1991.
[6] E. Gansner, E. Koutsofios, and S. North. Drawing graphs with dot.http://www.graphviz.org/Documentation/dotguide.pdf.
[7] M. Garey and D. Johnson. Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freema, 1979.
[8] G. GU, R. Perdisci, J. Zhang, and W. Lee. BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnetdetection. In Proceedings of the 17th USENIX Security Symposium(Security’08), 2008.
[9] Fang Lan, Wang Chunlei, and MaGuoqing , “A Framework for Network Security Situation Awareness Based on Knowledge Discovery” 2010 2nd International Conference on Computer Engineering and Technology 2010 IEEE.
[10] Juan Wang,Feng-li Zhang,Jing Jin,Wei Chen, “Alert Analysis and Threat Evaluation in Network Situation Awareness” 2010 IEEE.
[11] Cyril Onwubiko, “Functional Requirements of Situational Awareness in Computer Network Security” 2009 IEEE.
[12] Liu Mixi, Yu Dongmei and Zhang Qiuyu et aI., "Network Security Situation Assessment Based on Data Fusion, " 2008 Workshop on Knowledge Discovery and Data Mining, 2008
[13] Wang Huiqiang, Lai Jibao, and Ying Liang, "Network Security Situation Awareness Based on Heterogeneous Multi-Sensor Data Fusion and Neural Network, " Second International Multisymposium on Computer and Computational Sciences, 2007 IEEE.
[14] Mr. Marc Grégoire, “Visualization for Network Situational Awareness in Computer Network Defense” (2005). In Visualization and the Common Operational Picture (pp. 20-1 - 20-6). Meeting Proceedings RTO MP-IST-043, Paper 20. Neuilly-sur-Seine.
[15] Mr. Abhishek Pipliya and Mr. Sachin Cirgaiya, “Network Pattern Analysis based Vulnerability Measurement using Attack Graph Hierarchical Visualization Approach” In International Journal of Computer Applications (0975–8887) Volume 99 – No.1 1, August 2014 (pp. 45-50)

Keywords
NPA-VM (Network Pattern Analysis Based Vulnerability Measurement), Forecasting, Transformation, forecasting.