|
The Parallel Coordinates Methodology to Study Suspicious Behavior on a Computer Network |
|---|---|
| รหัสดีโอไอ | |
| Creator | ณัฐโชติ พรหมฤทธิ |
| Title | The Parallel Coordinates Methodology to Study Suspicious Behavior on a Computer Network |
| Contributor | อนิราช มิ่งขวัญ |
| Publisher | Faculty of Information Science and Technology, Mahanakorn University of Technology |
| Publication Year | 2554 |
| Journal Title | Journal of Information Science and Technology |
| Journal Vol. | 2 |
| Journal No. | 1 |
| Page no. | 12-20 |
| Keyword | Network forensic, Network traffic, Network traffic visualization, Parallel coordinates |
| URL Website | https://tci-thaijo.org/index.php/JIST |
| Website title | Journal of Information Science and Technology |
| ISSN | 2651-1053 |
| Abstract | In this paper, the suspicious behavior on a computer network is used to analyze by detecting the violation behavior of network security policies. This paper proposed the user investigations with visualization time machine for network forensic (UIV) model. The proposed model is used parallel coordinates, which can be presented as the relationship of various parameters such as user, source ip address, time, destination ip address, destination service and domain name. For this system, the model is tested by simulated attack. The result of experiment shows that (i) the attacked signatures are different depended on situation attacked and (ii) the analyst are able to tracking individual behavior using UIV model. |
