Abstract
Recently, illegal access via network is increasing. Therefore the importance of a network intrusion detection system (IDS) has risen up in order to counter the threat. However,large amounts of IDS log make it difficult for an expert network administrator to grasp the warning situation precisely. To solve the problem,a 2D visualization of IDS log is one of the effective methods. Generally,it is difficult to plot whole 32bits IP address space in a real display. In this paper,we propose a new 2D visualization method for IDS that can plot whole IP address space. Since each warning event is scattered over the 2D map by utilizing hash function,an administrator can distinguish individual warning event from WAN to LAN. The visualization method make it possible to grasp a network situation intuitively,and to enhance an efficient operation of IDS.
