A visualization analysis tool for DNS amplification attack

This paper presents a visualization analysis tool for detecting, analyzing and responding to the Distributed Denial of Service attack termed the Domain Name Service (DNS) amplification attack. The tool integrates agent technology, visual analytics and interactive visualization techniques to allow users to interact with the system in real-time, to monitor the network traffic, to analyze traffic information, to detect abnormal behaviors, and to respond to the DNS amplification attack. Three algorithms that are the filter algorithm, the mapping and visualizing algorithm, and the response algorithm have been developed to detect and respond to the DNS amplification attack automatically or manually. A set of experiments have been conducted in an isolated laboratory and produced expected results.

[1]  Daniel A. Keim,et al.  Monitoring Network Traffic with Radial Traffic Analyzer , 2006, 2006 IEEE Symposium On Visual Analytics Science And Technology.

[2]  Kristin A. Cook,et al.  Illuminating the Path: The Research and Development Agenda for Visual Analytics , 2005 .

[3]  Weichao Wang,et al.  Interactive Wormhole Detection in Large Scale Wireless Networks , 2006, 2006 IEEE Symposium On Visual Analytics Science And Technology.

[4]  Kwan-Liu Ma,et al.  A visualization methodology for characterization of network scans , 2005, IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05)..

[5]  Wayne G. Lutters,et al.  An Information Visualization Framework for Intrusion Detection , 2004, CHI EA '04.