Visualizing the structure of the World Wide Web in 3D hyperbolic space
VRML '95 Proceedings of the first symposium on Virtual reality modeling language
A focus+context technique based on hyperbolic geometry for visualizing large hierarchies
CHI '95 Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
AVI '00 Proceedings of the working conference on Advanced visual interfaces
ThemeRiver: Visualizing Thematic Changes in Large Document Collections
IEEE Transactions on Visualization and Computer Graphics
Software Visualization in the Large
Computer
Cluster and Calendar Based Visualization of Time Series Data
INFOVIS '99 Proceedings of the 1999 IEEE Symposium on Information Visualization
TreeJuxtaposer: scalable tree comparison using Focus+Context with guaranteed visibility
ACM SIGGRAPH 2003 Papers
Hierarchical Edge Bundles: Visualization of Adjacency Relations in Hierarchical Data
IEEE Transactions on Visualization and Computer Graphics
MatrixExplorer: a Dual-Representation System to Explore Social Networks
IEEE Transactions on Visualization and Computer Graphics
CMV '07 Proceedings of the Fifth International Conference on Coordinated and Multiple Views in Exploratory Visualization
State of the Art: Coordinated & Multiple Views in Exploratory Visualization
CMV '07 Proceedings of the Fifth International Conference on Coordinated and Multiple Views in Exploratory Visualization
A review of overview+detail, zooming, and focus+context interfaces
ACM Computing Surveys (CSUR)
Effectiveness of Animation in Trend Visualization
IEEE Transactions on Visualization and Computer Graphics
MizBee: A Multiscale Synteny Browser
IEEE Transactions on Visualization and Computer Graphics
IEEE Transactions on Visualization and Computer Graphics
Change-link 2.0: a digital forensic tool for visualizing changes to shadow volume data
Proceedings of the Tenth Workshop on Visualization for Cyber Security
| Hi-index | 0.00 |
We present Change-Link, a customizable data exploration tool which empowers the user to see visual representations of directories that have changed over time within a computer operating system that supports the Microsoft Volume Shadow Copy Service (VSS). Change-Link displays change information in a split-screen interface comprising an overview of directory change for the entire dataset and a detail view of change for individual directories. Input to Change-Link is an evidence hard drive containing an active file system and previous versions of the directory structure that were archived by the VSS. This approach to browsing change within a directory structure helps a digital forensic examiner understand how a particular computer was used to support criminal activity. Because data that have changed are often the most important, identifying directories that have changed over time directs attention towards data of higher importance. By examining the most important data, digital forensic examiners are better able to keep pace with the data explosion that is making current digital forensic examinations unmanageable. Our contributions include the development of a segmented box and whisker glyph for representing change over time for individual directories, an approach for aggregating VSS data for digital forensic examinations, and a data visualization tool for exploring digital forensic data.