I know my network: Collaboration and expertise in intrusion detection

John R. Goodall, Wayne G. Lutters, Anita Komlodi

Research output: Contribution to conferencePaper

49 Citations (Scopus)

Abstract

The work of intrusion detection (ID) in accomplishing network security is complex, requiring highly sought-after expertise. While limited automation exists, the role of human ID analysts remains crucial. This paper presents the results of an exploratory field study examining the role of expertise and collaboration in ID work. Through an analysis of the common and situated expertise required in ID work, our results counter basic assumptions about its individualistic character, revealing significant distributed collaboration. Current ID support tools provide no support for this collaborative problem solving. The results of this research highlight ID as an engaging CSCW work domain, one rich with organizational insights, design challenges, and practical import.

Original languageEnglish
Pages342-345
Number of pages4
Publication statusPublished - Dec 1 2004
EventComputer Supported Cooperative Work - Conference Proceedings, CSCW 2004 - Chicago, IL, United States
Duration: Nov 6 2004Nov 10 2004

Other

OtherComputer Supported Cooperative Work - Conference Proceedings, CSCW 2004
CountryUnited States
CityChicago, IL
Period11/6/0411/10/04

Keywords

  • Expertise
  • Field study
  • Information security
  • Intrusion detection

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'I know my network: Collaboration and expertise in intrusion detection'. Together they form a unique fingerprint.

  • Cite this

    Goodall, J. R., Lutters, W. G., & Komlodi, A. (2004). I know my network: Collaboration and expertise in intrusion detection. 342-345. Paper presented at Computer Supported Cooperative Work - Conference Proceedings, CSCW 2004, Chicago, IL, United States.