A Visual Technique for Internet Anomaly Detection

S.T. Teoh, K.-L. Ma, S.F. Wu, and X. Zhao (USA)


Information Visualization, Network Security, Data Exploration, Anomaly Detection


The Internet can be made more secure and efficient with effective anomaly detection. In this paper, we describe a visual method for anomaly detection using archived Border Gateway Protocol (BGP) data. A special encoding of IP addresses built into an interactive visual interface design allows a user to quickly detect anomalous Origin AS changes by browsing through visual representations of selected aspects of the data. We demonstrate how our system can be used to detect errors on the Internet and to discover the source and reasons for each fault detected. Our visual approach can play a major role in an anomaly detection system.

