An Effective Information Visualization Technique for Intrusion Detection: Hyperbolic View Intrusion Visualizer

  • Jeong, Yun-Seok (Department of Industrial Management Engineering, Korea University)
  • Myung, Ro-Hae (Department of Industrial Management Engineering, Korea University)
  • Received : 2010.11.05
  • Accepted : 2010.12.10
  • Published : 2011.04.30

Abstract

In a computer forensics investigation, investigators collect, protect, analyze, and interpret massive amounts of data that were used in cyber crime. Because of the sheer volume of information, this takes a great deal of time, and errors often result even when forensic investigation tools are used in the process. Information visualization techniques greatly help to improve human information-processing ability when investigators deal with an overwhelming amount of data and have to find the significant information in it. Within computer forensics, the importance of the Intrusion Detection System (IDS) in network forensics is being emphasized. In this study, we apply information visualization techniques that have been proposed as a great help to IDS and carry out a usability test to find the most effective information visualization techniques for IDS.
