Apparatus and method for monitoring network using the parallel coordinate system
First Claim
Patent Images
1. A network monitoring apparatus for monitoring a first network, comprising:
- a network packet collector collecting packets of the first network; and
a visual information generator generating visual information by displaying the packets on a parallel coordinate system which has at least two parallel axes for parameters of the packets.
1 Assignment
0 Petitions
Accused Products
Abstract
A network monitoring apparatus collects packets of a first network, and generates visual information by displaying the packets on a parallel coordinate system which has one or more parallel axis for parameters of the packets. The network monitoring apparatus may extract attack packets from the packet, and the network monitoring apparatus may transmit the visual information to a remote server. Through the network monitoring apparatus, the network manager can visually grasp the state of the network or the existence of a network attack.
133 Citations
28 Claims
-
1. A network monitoring apparatus for monitoring a first network, comprising:
-
a network packet collector collecting packets of the first network; and
a visual information generator generating visual information by displaying the packets on a parallel coordinate system which has at least two parallel axes for parameters of the packets. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A network monitoring method for monitoring a first network, comprising:
-
collecting packets of the first network; and
generating visual information by displaying the packets on a parallel coordinate system which has one or more parallel axes for parameters of the packets. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A network analyzing apparatus for analyzing a first network, comprising:
-
a network packet collector collecting packets of the first network;
at least two parameter storages in which the same value is stored only once; and
an attack type identifier generator generating an attack type identifier of a packet according to whether or not the value of each parameter of the packet is already stored in the parameter storages. - View Dependent Claims (26)
-
-
27. An attack type identifying method for identifying an attack type of a packet on a first network, comprising:
-
collecting packets of the first network; and
generating an attack type identifier of a packet according to whether or not the value of each parameter of the packet is already stored in parameter storages in which the same value is stored only once.
-
-
28. A packet classifying method for classifying packets on a first network according to attack type, comprising:
-
collecting packets of the first network;
generating an attack type identifier of a packet according to whether or not the values of each parameter of the packet are already stored in parameter storages in which the same value is stored only once; and
storing the packet in an attack packet storage according to the attack type identifier.
-
Specification