Title :
Countering security information overload through alert and packet visualization
Author :
Conti, Gregory ; Abdullah, Kulsoom ; Grizzard, Julian ; Stasko, John ; Copeland, John A. ; Ahamad, Mustaque ; Owen, Henry L. ; Lee, Chris
Author_Institution :
Georgia Inst. of Technol., Atlanta, GA, USA
Abstract :
This article presents a framework for designing network security visualization systems as well as results from the end-to-end design and implementation of two highly interactive systems. In this article, we provide multiple contributions: we present the results of our survey of security professionals, the design framework, and lessons learned from the design of our systems as well as an evaluation of their effectiveness. Our results indicate that both systems effectively present significantly more information when compared to traditional textual approaches. We believe that the interactive, graphical techniques that we present will have broad applications in other domains seeking to deal with information overload.
Keywords :
data visualisation; graphical user interfaces; interactive systems; security of data; alert visualization; end-to-end design; graphical techniques; interactive technique; network security visualization system; packet visualization; security professional; Computer security; Data security; Hardware; Humans; Information analysis; Information security; Intrusion detection; Protocols; Statistical analysis; Visualization; log visualization; network visualization; payload visualization; Computer Communication Networks; Computer Graphics; Information Storage and Retrieval; Signal Processing, Computer-Assisted; Software; User-Computer Interface
Journal_Title :
Computer Graphics and Applications, IEEE
DOI :
10.1109/MCG.2006.30