IEEE Transactions on Visualization and Computer Graphics
VisFlowConnect: netflow visualizations of link relationships for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
PortVis: a tool for port-based detection of security events
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
I know my network: collaboration and expertise in intrusion detection
CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
An Information Visualization Framework for Intrusion Detection
CHI '04 Extended Abstracts on Human Factors in Computing Systems
Intrusion and misuse detection in large-scale systems
IEEE Computer Graphics and Applications
Focusing on Context in Network Traffic Analysis
IEEE Computer Graphics and Applications
Visualizing network traffic for intrusion detection
DIS '06 Proceedings of the 6th conference on Designing Interactive systems
Command line or pretty lines?: comparing textual and visual interfaces for intrusion detection
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Progressive multiples for communication-minded visualization
GI '07 Proceedings of Graphics Interface 2007
A Component-Based Framework for Visualization of Intrusion Detection Events
Information Security Journal: A Global Perspective
Database and database application security
ITiCSE '09 Proceedings of the 14th annual ACM SIGCSE conference on Innovation and technology in computer science education
User-Centered Development of a Visual Exploration System for In-Car Communication
SG '09 Proceedings of the 10th International Symposium on Smart Graphics
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Proposing a multi-touch interface for intrusion detection environments
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Hi-index | 0.00 |
Intrusion detection (ID) analysts are charged with ensuring the safety and integrity of today's high-speed computer networks. Their work includes the complex task of searching for indications of attacks and misuse in vast amounts of network data. Although there are several information visualization tools to support ID, few are grounded in a thorough understanding of the work ID analysts perform or include any empirical evaluation. We present a user-centered visualization based on our understanding of the work of ID and the needs of analysts derived from the first significant user study of ID. The tool presents analysts with both 'at a glance' understanding of network activity, and low-level network link details. Results from preliminary usability testing show that users performed better and found easier those tasks dealing with network state in comparison to network link tasks.