• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.47-56
• /
• 2021

Network topology visualization has been studied a lot since the past and developed with many tools. The network topology has strength in understanding the overall structure of a network physically and is useful for understanding data flow between nodes logically. Although there are existing tools, not many can be utilized efficiently while using the general network node data structure and express the topology similar to the actual network structure. In this paper, we propose an efficient method to visualize topology using only connection information of network nodes. The method finds the central node by using the centrality, the influence of nodes in the network, and visualizes the topology by dynamically segmenting all nodes and placing network nodes in 3D space using the weight of the child node. It is a straightforward method, yet it effectively visualizes in the form of an actual network structure.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.32 no.2
• /
• pp.76-84
• /
• 2009

Since too much information has been generated, it became very difficult to find out valuable and necessary information. In order to deal with the problem of information overload, the taxonomy for information visualization techniques has been based upon visualized shapes such as tree map, fisheye view and parallel coordinates, so that it was difficult to choose the right representation technique by data characteristics. Therefore, this study was designed to introduce a new taxonomy for the information visualization by data characteristics which defined by space (3D vs. multi-dimensions), time (continuous vs. discrete), and relations of data (qualitative vs. quantitative). To verify the new taxonomy, forensic data which were generated to investigate the culprit of network security was used. The result showed that the new taxonomy was found to be very efficient and effective to choose the right visualized shape for forensic data for network security. In conclusion, the new taxonomy was proven to be very helpful to choose the right information visualization technique by data characteristics.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.31-40
• /
• 2008

Recently, network forensic research which analyzes intrusion-related information for tracing of attackers, has been becoming more popular than disk forensic which analyzes remaining evidences in a system. Analysis and correlation of logs from firewall, IDS(Intrusion Detect System) and web server are important part in network forensic procedures. This work suggests integrated graphical user interface of network forensic for private information leakage detection. This paper shows the necessity of various log information for network forensic and a design of graphical user interface for security managers who need to monitor the leakage of private information.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.169-178
• /
• 2022

In general, organizations operating multi-domain networks find it difficult to represent and manage multiple domain net works on a single screen space. Instead, most of them are managed with multiple screens visualizing network topology by domain or partitioning one screen area into multiple domains. We propose an efficient method to visualize the topology using only minimal connection information between domain-agnostic nodes in this work. This method visualizes the topology by utilizing centrality indices representing the influence of nodes in the network. Furthermore, the method dynamically segments the entire node's display area using virtual Root nodes to auto-separate domains and weights of child nodes and placing nodes in 3D space. Thus, although it is a straightforward method, the multi-domain network topology can be visualized with only minimal connection information between nodes.

• Journal of the Ergonomics Society of Korea
• /
• v.30 no.2
• /
• pp.319-330
• /
• 2011

In computer forensics investigation, the investigators collect, protect, analyze and interpret massive amount of data which were used in cyber crime. However, due to its huge amount of information, it takes a great deal of time and errors often result even when they use forensics investigation tool in the process. The information visualization techniques will greatly help to improve the information processing ability of human when they deal with the overwhelming amount of data and have to find out significant information in it. The importance of Intrusion Detection System(IDS) among network forensics is being emphasized in computer forensics. In this study, we apply the information visualization techniques which are proposed to be a great help to IDS and carry out the usability test to find out the most effective information visualization techniques for IDS.

• International Journal of Computer Science & Network Security
• /
• v.23 no.8
• /
• pp.204-209
• /
• 2023

Dynamic Bandwidth Allocation (DBA) methods in telecommunication network & systems have emerged with mechanisms for sharing limited resources in a rapidly growing number of users in today's access networks. Since the DBA research trends are incredibly fast-changing literature where almost every day new areas and terms continue to emerge. Co - citation analysis offers a significant support to researchers to distinguish intellectual bases and potentially leading edges of a specific field. We present the visualization based analysis for DBA algorithms in telecommunication field using mainstream co-citation analysis tool-CiteSpace and web of science (WoS) analysis. Research records for the period of decade (2009-2018) for this analysis are sought from WoS. The visualization results identify the most influential DBA algorithms research studies, journals, major countries, institutions, and researchers, and indicate the intellectual bases and focus entirely on DBA algorithms in the literature, offering guidance to interested researchers on more study of DBA algorithms.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.35-42
• /
• 2021

In the current context of digitalization of education, the use of modern methods and techniques of data analysis and processing in order to improve students' school results has a very important role. In our paper, we aimed to perform a comparative study of the classification performances of AdaBoost, SVM, Naive Bayes, Neural Network and kNN algorithms to classify the results obtained at the Baccalaureate by students from a college in Suceava, during 2012-2019. To evaluate the results we used the metrics: AUC, CA, F₁, Precision and Recall. The AdaBoost algorithm achieves incredible performance for classifying the results into two categories: promoted / rejected. Next in terms of performance is Naive Bayes with a score of 0.999 for the AUC metric. The Neural Network and kNN algorithms obtain scores of 0.998 and 0.996 for AUC, respectively. SVM shows poorer performance with the score 0.987 for AUC. With the help of the HeatMap and DataTable visualization tools we identified possible correlations between classification results and some characteristics of data.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.177-188
• /
• 2024

As technology evolves, Internet usage continues to grow, resulting in a geometric increase in network traffic and communication volumes. The network path selection process, which is one of the core elements of the Internet, is becoming more complex and advanced as a result, and it is important to effectively manage and analyze it, and there is a need for a representation and visualization method that can be intuitively understood. To this end, this study designs a framework that analyzes network data using BGP, a network path selection method, and applies it to the cyber common operating picture for situational awareness. After that, we analyze the visualization elements required to visualize the information and conduct an experiment to implement a simple visualization. Based on the data collected and preprocessed in the experiment, the visualization screens implemented help commanders or security personnel to effectively understand the network situation and take command and control.

• Proceedings of the IEEK Conference
• /
• 2002.07b
• /
• pp.928-931
• /
• 2002

Network based intrusion detection system is a computer network security tool. In this paper, we present an intrusion detection system based on Self-Organizing Maps (SOM) and Resilient Propagation Neural Network (RPROP) for visualizing and classifying intrusion and normal patterns. We introduce a cluster matching equation for finding principal associated components in component planes. We apply data from The Third International Knowledge Discovery and Data Mining Tools Competition (KDD cup'99) for training and testing our prototype. From our experimental results with different network data, our scheme archives more than 90 percent detection rate, and less than 5 percent false alarm rate in one SYN flooding and two port scanning attack types.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.797-808
• /
• 2012

In smart work environment, a company provides employees a flexible work environment for tele-working using mobile phone or portable devices. On the other hand, such environment are exposed to the risks which the attacker can intrude into computer systems or leak personal information of smart-workers' and gain a company's sensitive information. To reduce these risks, the security administrator needs to analyze the usage patterns of employees and detect abnormal behaviors by monitoring VPN(Virtual Private Network) access log. This paper proposes a decision support system that can notify the status by using visualization and similarity measure through clustering analysis. On average, 88.7% of abnormal event can be detected by this proposed method. With this proposed system, the security administrator can detect abnormal behaviors of the employees and prevent account theft.