Leveraging Cognitive Principles to Improve Security Visualization

  • Conference paper
Networked Digital Technologies (NDT 2012)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 294)

Abstract

Every day, networks are flooded with data that far exceeds what humans can feasibly comb through in a timely manner. Security analysts have turned to visualization techniques in an attempt to streamline the identification of network threats. The problem is that most security visualization techniques do not take into account the cognitive principles that enable human beings to rapidly process information visually. We propose a tool, called the Converged Security Visualization Tool (Cover-VT), designed on these cognitive principles. Our tool facilitates rapid identification of threats by minimizing the cognitive obstacles to efficient threat location. Cover-VT is scalable, meaning that analysts can identify threats from a global view or drill down to a pinpoint view to identify the source of an infection. Cover-VT was also designed with usability in mind, making it easy to comprehend regardless of the level of user experience.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Dunlop, M., Urbanski, W., Marchany, R., Tront, J. (2012). Leveraging Cognitive Principles to Improve Security Visualization. In: Benlamri, R. (eds) Networked Digital Technologies. NDT 2012. Communications in Computer and Information Science, vol 294. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30567-2_22

  • DOI: https://doi.org/10.1007/978-3-642-30567-2_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30566-5

  • Online ISBN: 978-3-642-30567-2

  • eBook Packages: Computer Science, Computer Science (R0)
