DocumentCode
869152
Title
Countering security information overload through alert and packet visualization
Author
Conti, Gregory ; Abdullah, Kulsoom ; Grizzard, Julian ; Stasko, John ; Copeland, John A. ; Ahamad, Mustaque ; Owen, Henry L. ; Lee, Chris
Author_Institution
Georgia Inst. of Technol., Atlanta, GA, USA
Volume
26
Issue
2
fYear
2006
Firstpage
60
Lastpage
70
Abstract
This article presents a framework for designing network security visualization systems as well as results from the end-to-end design and implementation of two highly interactive systems. In this article, we provide multiple contributions: we present the results of our survey of security professionals, the design framework, and lessons learned from the design of our systems as well as an evaluation of their effectiveness. Our results indicate that both systems effectively present significantly more information when compared to traditional textual approaches. We believe that the interactive, graphical techniques that we present will have broad applications in other domains seeking to deal with information overload.
Keywords
data visualisation; graphical user interfaces; interactive systems; security of data; alert visualization; end-to-end design; graphical techniques; interactive technique; network security visualization system; packet visualization; security professional; Computer security; Data security; Hardware; Humans; Information analysis; Information security; Intrusion detection; Protocols; Statistical analysis; Visualization; alert visualization; log visualization; network visualization; packet visualization; payload visualization; Computer Communication Networks; Computer Graphics; Information Storage and Retrieval; Signal Processing, Computer-Assisted; Software; User-Computer Interface;
fLanguage
English
Journal_Title
Computer Graphics and Applications, IEEE
Publisher
ieee
ISSN
0272-1716
Type
jour
DOI
10.1109/MCG.2006.30
Filename
1607922