Automating the design of graphical presentations of relational information
ACM Transactions on Graphics (TOG)
ISSTA '94 Proceedings of the 1994 ACM SIGSOFT international symposium on Software testing and analysis
Using visual texture for information display
ACM Transactions on Graphics (TOG)
A focus+context technique based on hyperbolic geometry for visualizing large hierarchies
CHI '95 Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Interactive visualization of serial periodic data
Proceedings of the 11th annual ACM symposium on User interface software and technology
Large Datasets at a Glance: Combining Textures and Colors in Scientific Visualization
IEEE Transactions on Visualization and Computer Graphics
ThemeRiver: Visualizing Thematic Changes in Large Document Collections
IEEE Transactions on Visualization and Computer Graphics
The Eyes Have It: A Task by Data Type Taxonomy for Information Visualizations
VL '96 Proceedings of the 1996 IEEE Symposium on Visual Languages
Cluster and Calendar Based Visualization of Time Series Data
INFOVIS '99 Proceedings of the 1999 IEEE Symposium on Information Visualization
Visualizing Time-Series on Spirals
INFOVIS '01 Proceedings of the IEEE Symposium on Information Visualization 2001 (INFOVIS'01)
Case Study: Visualizing Sets of Evolutionary Trees
INFOVIS '02 Proceedings of the IEEE Symposium on Information Visualization (InfoVis'02)
InterRing: An Interactive Tool for Visually Navigating and Manipulating Hierarchical Structures
INFOVIS '02 Proceedings of the IEEE Symposium on Information Visualization (InfoVis'02)
TreeJuxtaposer: scalable tree comparison using Focus+Context with guaranteed visibility
ACM SIGGRAPH 2003 Papers
Tree-Maps: a space-filling approach to the visualization of hierarchical information structures
VIS '91 Proceedings of the 2nd conference on Visualization '91
Axes-based visualizations with radial layouts
Proceedings of the 2004 ACM symposium on Applied computing
Visualizing Changes of Hierarchical Data using Treemaps
IEEE Transactions on Visualization and Computer Graphics
Who Votes For What? A Visual Query Language for Opinion Data
IEEE Transactions on Visualization and Computer Graphics
Proceedings of the 2010 ACM Symposium on Applied Computing
MoireGraphs: radial focus+context visualization and interaction for graphs with visual nodes
INFOVIS'03 Proceedings of the Ninth annual IEEE conference on Information visualization
LifeFlow: visualizing an overview of event sequences
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
TimeSlice: interactive faceted browsing of timeline data
Proceedings of the International Working Conference on Advanced Visual Interfaces
Computer forensic timeline visualization tool
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Visual comparison for information visualization
Information Visualization - Special issue on State of the Field and New Research Directions
Change-Link: a digital forensic tool for visualizing changes to directory trees
Proceedings of the Ninth International Symposium on Visualization for Cyber Security
MoireTrees: visualization and interaction for multi-hierarchical data
EUROVIS'05 Proceedings of the Seventh Joint Eurographics / IEEE VGTC conference on Visualization
| Hi-index | 0.00 |
We present Change Link 2.0, a coordinated and multiple view tool for digital forensics which supports an understanding of how shadow volume data have changed over time. An improvement over the original Change-Link tool [25], Change-Link 2.0 provides an overview, a directory-tree view, a directory content view, and a metadata view in a side-by-side, split-screen, linked-view interface that supports easy browsing and detection of files and directories that have changed over time. This data visualization approach supports faster comprehension of digital forensic data, quick detection of anomalous data, and a better understanding of "what happened?." Input to Change-Link 2.0 is an evidentiary hard drive containing multiple versions of files and directories which have been archived by the Microsoft Volume Shadow Copy Service [28]. Our contributions include data visualization techniques that support an overview of the entire dataset, as well as an understanding of how the directory-tree structure, individual directory content, and file and directory metadata have changed over time. Change-Link 2.0, and its predecessor, are the first data visualization tools that we are aware of which support the forensic examination of shadow volume data.