TY - GEN
T1 - User requirements and design of a visualization for intrusion detection analysis
AU - Goodall, John R.
PY - 2005
Y1 - 2005
AB - This paper reports on the user requirements gathering activities and design of an information visualization tool for analyzing network data for intrusion detection (ID). User-centered design methods have been widely used for many years. However, innovative visualization displays are often developed with limited consideration of user needs in the context of real-life problems. While it can be argued that this is required to generate creative new solutions, the resulting tools may not fully support actual users in their daily work. We studied ID analysts' activities in order to understand their work practices. This resulted in a simple task model of ID work and guidelines for visualization support. Noting the lack of current visualization support for the analysis ID task and grounded in the actual needs of ID analysts, we designed a visualization prototype for investigating network traffic.
KW - Information visualization
KW - Intrusion detection
KW - User centered design
UR - http://www.scopus.com/inward/record.url?scp=33645243542&partnerID=8YFLogxK
U2 - 10.1109/IAW.2005.1495979
DO - 10.1109/IAW.2005.1495979
M3 - Conference contribution
AN - SCOPUS:33645243542
SN - 0780392906
SN - 9780780392908
T3 - Proceedings from the 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
SP - 394
EP - 401
BT - Proceedings from the Sixth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
T2 - 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Y2 - 15 June 2005 through 17 June 2005
ER -