Network intrusion detection is a critical task in today's environment, where network attacks and intrusions are everyday occurrences and state-level cyber warfare is a major concern. At the same time, it is a very difficult task, in part because of the large scale of the data logs in which the attack information is hidden, and in part because of the lack of effective data exploration tools for intrusion detection tasks. In this work, we examine the current state of visualization techniques and identify some key limitations. Based on this analysis, we propose a novel design for an interface for network security analysts, capitalizing on cutting-edge technology, and discuss implications for future research.