Title :
User requirements and design of a visualization for intrusion detection analysis
Author :
Goodall, John R.
Author_Institution :
Dept. of Inf. Syst., UMBC, Baltimore, MD, USA
Abstract :
This paper reports on the user requirements gathering activities and design of an information visualization tool for analyzing network data for intrusion detection (ID). User-centered design methods have been widely used for many years. However, innovative visualization displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools may not fully support actual users in their daily work. We studied ID analysts´ activities in order to understand their work practices. This resulted in a simple task model of ID work and guidelines for visualization support. Noting the lack of current visualization support for the analysis ID task and grounded in the actual needs of ID analysts, we designed a visualization prototype for investigating network traffic.
Keywords :
computer networks; data visualisation; formal specification; security of data; user centred design; information visualization tool; intrusion detection analysis; network data; network traffic; user requirements; user-centered design; visualization display; Data analysis; Data visualization; Displays; Ground support; Guidelines; Information analysis; Intrusion detection; Prototypes; Telecommunication traffic; User centered design;
Conference_Titel :
Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC
Print_ISBN :
0-7803-9290-6
DOI :
10.1109/IAW.2005.1495979
