By Topic

User requirements and design of a visualization for intrusion detection analysis

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
1 Author(s)
Goodall, J.R. ; Dept. of Inf. Syst., UMBC, Baltimore, MD, USA

This paper reports on the user requirements gathering activities and design of an information visualization tool for analyzing network data for intrusion detection (ID). User-centered design methods have been widely used for many years. However, innovative visualization displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools may not fully support actual users in their daily work. We studied ID analysts' activities in order to understand their work practices. This resulted in a simple task model of ID work and guidelines for visualization support. Noting the lack of current visualization support for the analysis ID task and grounded in the actual needs of ID analysts, we designed a visualization prototype for investigating network traffic.

Published in:

Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC

Date of Conference:

15-17 June 2005