@inproceedings{6a11b1b19f784976a4d7479963e8fb99,
title = "A user-centered approach to visualizing network traffic for intrusion detection",
abstract = "Intrusion detection (ID) analysts are charged with ensuring the safety and integrity of today's high-speed computer networks. Their work includes the complex task of searching for indications of attacks and misuse in vast amounts of network data. Although there are several information visualization tools to support ID, few are grounded in a thorough understanding of the work ID analysts perform or include any empirical evaluation. We present a user-centered visualization based on our understanding of the work of ID and the needs of analysts derived from the first significant user study of ID. The tool presents analysts with both 'at a glance' understanding of network activity, and low-level network link details. Results from preliminary usability testing show that users performed better and found easier those tasks dealing with network state in comparison to network link tasks.",
keywords = "Information visualization, Intrusion detection, Network security, Usability testing, User-centered design",
author = "Goodall, {John R.} and Ozok, {A. Ant} and Lutters, {Wayne G.} and Penny Rheingans and Anita Komlodi",
year = "2005",
doi = "10.1145/1056808.1056927",
language = "English",
isbn = "1595930027",
series = "Conference on Human Factors in Computing Systems - Proceedings",
pages = "1403--1406",
booktitle = "CHI'05 Extended Abstracts on Human Factors in Computing Systems, CHI EA'05",
note = "Conference on Human Factors in Computing Systems, CHI EA 2005 ; Conference date: 02-04-2005 Through 07-04-2005",
}