ISU Electrical and Computer Engineering Archives

Exploring Utilization of Visualization for Computer and Network Security

Luse, Andrew (2009) Exploring Utilization of Visualization for Computer and Network Security. PhD thesis, Iowa State University.

Full text available as:

PDF - Registered users only - Requires Adobe Acrobat Reader or other PDF viewer.

Abstract

The role of the network security administrator is continually morphing to keep pace with the ever-changing area of computer and network security. These changes are due in part to both the continual development of new security exploits by attackers as well as improvements in network security products available for use. One area which has garnered much research in the past decade is the use of visualization to ease the strain on network security administrators. Visualization mechanisms utilize the parallel processing power of the human visual system to allow for the identification of possible nefarious network activity. This research details the development and use of a visualization system for network security. The manuscript is composed of four papers which provide a progression of research pertaining to the system. The first paper utilizes research in the area of information visualization to develop a new framework for designing visualization systems for network security. Next, a visualization system is developed in the second paper which has been utilized during multiple cyber defense competitions to aid in competition performance. The last two papers deal with evaluating the developed system. First, an exploratory analysis provides an initial assessment using participant interviews during one cyber defense competition. Second, a quasi field experiment explores the intention of subjects to use the system based on the type of visualization being viewed.

EPrint Type:Thesis (PhD)
Subjects:Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Information Assurance
Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Computer Networking and Security
ID Code:481
Identification Number:Identification Number UNSPECIFIED
Deposited By:Andrew Luse
Deposited On:18 April 2009

Archive Staff Only: edit this record