• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

A Visualization System for Multiple Heterogeneous Network Security Data and Fusion Analysis


Abstract

Owing to their low scalability, weak support on big data, insufficient data collaborative analysis and inadequate situational awareness, the traditional methods fail to meet the needs of the security data analysis. This paper proposes visualization methods to fuse the multi-source security data and grasp the network situation. Firstly, data sources are classified at their collection positions, with the objects of security data taken from three different layers. Secondly, the Heatmap is adopted to show host status; the Treemap is used to visualize Netflow logs; and the radial Node-link diagram is employed to express IPS logs. Finally, the Labeled Treemap is invented to make a fusion at data-level and the Time-series features are extracted to fuse data at feature-level. The comparative analyses with the prize-winning works prove this method enjoying substantial advantages for network analysts to facilitate data feature fusion, better understand network security situation with a unified, convenient and accurate mode.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
Sheng Zhang, Ronghua Shi and Jue Zhao, "A Visualization System for Multiple Heterogeneous Network Security Data and Fusion Analysis," KSII Transactions on Internet and Information Systems, vol. 10, no. 6, pp. 2801-2816, 2016. DOI: 10.3837/tiis.2016.06.019

[ACM Style]
Zhang, S., Shi, R., and Zhao, J. 2016. A Visualization System for Multiple Heterogeneous Network Security Data and Fusion Analysis. KSII Transactions on Internet and Information Systems, 10, 6, (2016), 2801-2816. DOI: 10.3837/tiis.2016.06.019