An information visualization framework for intrusion detection

A. Komlódi, John R. Goodall, Wayne G. Lutters

Research output: Chapter in Book/Report/Conference proceedingConference contribution

31 Citations (Scopus)

Abstract

This paper reports a framework for designing information visualization (IV) tools for monitoring and analysis activities. In this user study, the domain for these activities is network intrusion detection (ID). User-centered design methods have been widely used for many years, however, innovative IV displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools often do not support actual users in their daily work. Several IV tools have been developed to support ID, but there is little evidence that these solutions address the needs of the users. We studied ID analysts' daily activities in order to understand their routine work practices and the need for designing IV tools. We developed a three-phase process model that frames corresponding requirements for IV tools. This model significantly extends the scope of contemporary IV for ID tools in novel ways.

Original languageEnglish
Title of host publicationConference on Human Factors in Computing Systems - Proceedings
Pages1743-1746
Number of pages4
DOIs
Publication statusPublished - 2004
EventConference on Human Factors in Computing Systems, CHI EA 2004 - Vienna, Austria
Duration: Apr 24 2004Apr 29 2004

Other

OtherConference on Human Factors in Computing Systems, CHI EA 2004
CountryAustria
CityVienna
Period4/24/044/29/04

Fingerprint

Intrusion detection
Visualization
Display devices
Monitoring

Keywords

  • Design implications
  • Information visualization
  • Interaction design
  • Intrusion detection
  • User studies

ASJC Scopus subject areas

  • Human-Computer Interaction
  • Computer Graphics and Computer-Aided Design
  • Software

Cite this

Komlódi, A., Goodall, J. R., & Lutters, W. G. (2004). An information visualization framework for intrusion detection. In Conference on Human Factors in Computing Systems - Proceedings (pp. 1743-1746) https://doi.org/10.1145/985921.1062935

An information visualization framework for intrusion detection. / Komlódi, A.; Goodall, John R.; Lutters, Wayne G.

Conference on Human Factors in Computing Systems - Proceedings. 2004. p. 1743-1746.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Komlódi, A, Goodall, JR & Lutters, WG 2004, An information visualization framework for intrusion detection. in Conference on Human Factors in Computing Systems - Proceedings. pp. 1743-1746, Conference on Human Factors in Computing Systems, CHI EA 2004, Vienna, Austria, 4/24/04. https://doi.org/10.1145/985921.1062935
Komlódi A, Goodall JR, Lutters WG. An information visualization framework for intrusion detection. In Conference on Human Factors in Computing Systems - Proceedings. 2004. p. 1743-1746 https://doi.org/10.1145/985921.1062935
Komlódi, A. ; Goodall, John R. ; Lutters, Wayne G. / An information visualization framework for intrusion detection. Conference on Human Factors in Computing Systems - Proceedings. 2004. pp. 1743-1746
@inproceedings{c01f0fa1328a40e8b50b985f58a98e84,
title = "An information visualization framework for intrusion detection",
abstract = "This paper reports a framework for designing information visualization (IV) tools for monitoring and analysis activities. In this user study, the domain for these activities is network intrusion detection (ID). User-centered design methods have been widely used for many years, however, innovative IV displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools often do not support actual users in their daily work. Several IV tools have been developed to support ID, but there is little evidence that these solutions address the needs of the users. We studied ID analysts' daily activities in order to understand their routine work practices and the need for designing IV tools. We developed a three-phase process model that frames corresponding requirements for IV tools. This model significantly extends the scope of contemporary IV for ID tools in novel ways.",
keywords = "Design implications, Information visualization, Interaction design, Intrusion detection, User studies",
author = "A. Koml{\'o}di and Goodall, {John R.} and Lutters, {Wayne G.}",
year = "2004",
doi = "10.1145/985921.1062935",
language = "English",
isbn = "1581137036",
pages = "1743--1746",
booktitle = "Conference on Human Factors in Computing Systems - Proceedings",

}

TY - GEN

T1 - An information visualization framework for intrusion detection

AU - Komlódi, A.

AU - Goodall, John R.

AU - Lutters, Wayne G.

PY - 2004

Y1 - 2004

N2 - This paper reports a framework for designing information visualization (IV) tools for monitoring and analysis activities. In this user study, the domain for these activities is network intrusion detection (ID). User-centered design methods have been widely used for many years, however, innovative IV displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools often do not support actual users in their daily work. Several IV tools have been developed to support ID, but there is little evidence that these solutions address the needs of the users. We studied ID analysts' daily activities in order to understand their routine work practices and the need for designing IV tools. We developed a three-phase process model that frames corresponding requirements for IV tools. This model significantly extends the scope of contemporary IV for ID tools in novel ways.

AB - This paper reports a framework for designing information visualization (IV) tools for monitoring and analysis activities. In this user study, the domain for these activities is network intrusion detection (ID). User-centered design methods have been widely used for many years, however, innovative IV displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools often do not support actual users in their daily work. Several IV tools have been developed to support ID, but there is little evidence that these solutions address the needs of the users. We studied ID analysts' daily activities in order to understand their routine work practices and the need for designing IV tools. We developed a three-phase process model that frames corresponding requirements for IV tools. This model significantly extends the scope of contemporary IV for ID tools in novel ways.

KW - Design implications

KW - Information visualization

KW - Interaction design

KW - Intrusion detection

KW - User studies

UR - http://www.scopus.com/inward/record.url?scp=84876779070&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84876779070&partnerID=8YFLogxK

U2 - 10.1145/985921.1062935

DO - 10.1145/985921.1062935

M3 - Conference contribution

AN - SCOPUS:84876779070

SN - 1581137036

SN - 9781581137033

SP - 1743

EP - 1746

BT - Conference on Human Factors in Computing Systems - Proceedings

ER -