So, 2Dto2D visualization is useful for detecting such access patterns.
Network attacks like the intrusion have a certain access pattern strongly related to the four attributes of IP packet data, i.e., source IP, destination IP, source Port, and destination Port. 2Dto2D visualization functionality displays multiple lines those represent four-dimensional (four attributes) data drawn from one (2D, two attributes) plane to the other (2D, two attributes) plane in a 3D space. Especially, in this chapter, the author introduces the combinatorial use of PCTT and 2Dto2D visualization functionality for visual analytics of network data. This chapter treats an interactive visual analysis tool called PCTT, Parallel Coordinates Version of Time-tunnel, for multidimensional data and multi-attributes data. After providing a brief description of how operators identify conflict traffic situations and anomalies, the anomaly detection problem is characterized from a data mining point of view, suggesting how operators may enhance the process through visualization and interaction. Therefore, this chapter elaborates on the role of visualization and interaction in the anomaly detection process, using the surveillance of sea areas as a case study. Visualization and interaction play a crucial role in providing adequate user support and involving the user in the detection process. While it is worth acknowledging that many existing mining applications support identification of anomalous behavior, autonomous anomaly detection systems for area surveillance are rarely used in the real world since these capabilities and applications present two critical challenges: they need to provide adequate user support and they need to involve the user in the underlying detection process.
Timely detection and identification of anomalous behavior or any threat activity is an important objective for enabling homeland security. Large volumes of heterogeneous data from multiple sources need to be analyzed during the surveillance of large sea, air, and land areas.