Visualization Techniques for Intrusion Detection

Abstract

This paper reports on the experiences of using interactive animated 2D and 3D graphics in an Intrusion Detection (ID) Analysts Workbench prototype. Visualization techniques allow people to see and comprehend large amounts of complex data. Graphics are used to assist with the ID investigation and reporting process by helping the analyst identify significant incidents and reduce false conditions (positives, negatives and alarms). Visualization is then used in reporting incidents to a broader senior level audience. Complex patterns are clearly displayed over time in an easy to understand and compelling manner. Initial evaluations of the prototype have been positive, and a second development stage has been initiated.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 01, 2004
Accession Number
ADA428197

Entities

People

  • Peter Clarke
  • William Wright

Organizations

  • Oculus Info Inc.

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Anomaly Detection
  • Change Detection
  • Data Fusion
  • Data Sets
  • Detection
  • Detectors
  • Graphics
  • Information Science
  • Information Systems
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Prototypes
  • Statistical Analysis
  • Visualizations

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Systems Analysis and Design