Abstract
The work of intrusion detection (ID) in accomplishing network security is complex, requiring highly sought-after expertise. While limited automation exists, the role of human ID analysts remains crucial. This paper presents the results of an exploratory field study examining the role of expertise and collaboration in ID work. Through an analysis of the common and situated expertise required in ID work, our results counter basic assumptions about its individualistic character, revealing significant distributed collaboration. Current ID support tools provide no support for this collaborative problem solving. The results of this research highlight ID as an engaging CSCW work domain, one rich with organizational insights, design challenges, and practical import.
| Original language | English |
|---|---|
| Pages | 342-345 |
| Number of pages | 4 |
| State | Published - 2004 |
| Externally published | Yes |
| Event | Computer Supported Cooperative Work - Conference Proceedings, CSCW 2004 - Chicago, IL, United States Duration: Nov 6 2004 → Nov 10 2004 |
Conference
| Conference | Computer Supported Cooperative Work - Conference Proceedings, CSCW 2004 |
|---|---|
| Country/Territory | United States |
| City | Chicago, IL |
| Period | 11/6/04 → 11/10/04 |
Keywords
- Expertise
- Field study
- Information security
- Intrusion detection