You are here: Home Contents V8 N3 V8N3_Luse.html
Personal tools

Employing Interactive Maps to Increase User Utilization of Visualization Mechanisms for Network Security



Full text

Journal of Information Systems Security
Volume 8, Number 3 (2012)
Pages 2953
ISSN 1551-0123 (Print)
ISSN 1551-0808 (Online)
Andy Luse — Oklahoma State University, USA
Brian Mennecke — Iowa State University, USA
Anthony Townsend — Iowa State University, USA
Doug Jacobson — Iowa State University, USA
Information Institute Publishing, Washington DC, USA




Visualization technologies offer a powerful tool that enables corporate network security administration, and the purpose of this article is to examine the use of  interactive maps to increase the use of  such visualization mechanisms. A field quasi-experiment is run during two cyber defense competitions to analyze user differences in intention to use the system based on whether or not a map-based visualization mechanism is used.  Results show that there exists a significant difference in subject intention to use a map-based system depending on the level of prior knowledge that the subject has in computer and network security. 




Visualization; Computer Security; Network Security; Interactive Map; Network Security Administration




Bertin, J. (1967). Semiologie Graphique. Paris: Mouton-Gautier.

Bertin, J. (1983). Semiology of graphics: Diagrams, networks, maps (W. J. Berg, Trans.). Madison, WI: University of Wisconsin Press.

Chamalese, G., & Pridgen, A. (2004). The Success of the UT IEEE Communications Society. Paper presented at the 8th Colloquium for Information Systems Security Education.

Chi, M. T. H., Feltovich, P. J., & Glaser, R. (1981). Categorization and Representation of Physics Problems by Experts and Novices. Cognitive Science, 5, 121-152.

Conklin, A. (2006). Cyber Defense Competitions and Information Security Education: An Active Learning Solution for a Capstone Course. Paper presented at the 39th Annual Hawaii International Conference on System Sciences, 2006. HICSS '06.

Cowan, C., Arnold, S., Beattie, S., Wright, C., & Viega, J. (2003). Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack. Paper presented at the 2003 DARPA Information Survivability Conference and Exposition.

Dennis, A. R., & Carte, T. (1998). Using Geographical Information Systems for Decision Making: Extending Cognitive Fit Theory to Map-based Presentations. Information Systems Research, 9(2), 194-203.

Dodge, R. C., & Ragsdale, D. J. (2004). Organized Cyber Defense Competitions. Paper presented at the IEEE International Conference on Advanced Learning Technologies.

Few, S. (2006). Information Dashboard Design: The Effective Visual Communication of Data. Sebastopol, CA: O'Reilly Media, Inc.

Foresti, S., Agutter, J., Livnat, Y., Moon, S., & Erbacher, R. (2006). Visual Correlation of Network Alerts. IEEE Computer Graphics and Applications, 26(2), 48-59.

Goodall, J. R. (2005). User Requirements and Design of a Visualization for Intrusion Detection Analysis. Paper presented at the 2005 IEEE Workshop on INformation Assurance and Security, United States Military Academy, West Point, NY.

Goodall, J. R., Lutters, W. G., & Komlodi, A. (2004). The Work of Intrusion Detection: Rethinking the Role of Security Analysts. Paper presented at the Tenth Americas Conference on Information Systems, New York, NY.

Goodall, J. R., Lutters, W. G., Rheingans, P., & Komlodi, A. (2005, Oct. 26, 2005). Preserving the big picture: visual network traffic analysis with TNV. Paper presented at the IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05), Minneapolis, MN.

Goodall, J. R., Ozok, A. A., Lutters, W. G., Rheingans, P., & Komlodi, A. (2005, 2005). A user-centered approach to visualizing network traffic for intrusion detection. Paper presented at the Conference on Human Factors in Computing Systems, Portland, OR.

Hardiman, P. T., Difresne, R., & Mestre, J. P. (1989). The Relation Between Problem Categorization and Problem Solving among Experts and Novices. Memory & Cognition, 17, 627-638.

Hayes, J. R., & Simon, H. A. (1976). The Understanding Process: Problem Isomorphs. Cognitive Psychology, 8, 165-190.

Heppner, P. P., Wampold, B. E., & Kivlighan, D. M. (2008). Research Design in Counseling (3rd ed.). Belmont, CA: Thomson Brooks/Cole.

Hoffman, L. J., Rosenberg, T., Dodge, R., & Ragsdale, D. (2005). Exploring a national cybersecurity exercise for universities. IEEE Security & Privacy, 3(5), 27-33.

Jacobson, D., & Evans, N. (2006). Cyber Defense Competition. Paper presented at the 2006 ASEE Annual Conference & Exposition: Excellence in Education.

Komlodi, A., Goodall, J. R., & Lutters, W. G. (2004, 2004). An Information Visualization Framework for Intrusion Detection. Paper presented at the Conference on Human Factors in Computing Systems, Vienna, Austria.

Komlodi, A., Rheingans, P., Ayachit, U., Goodall, J. R., & Joshi, A. (2005, Oct. 26, 2005). A user-centered look at glyph-based security visualization. Paper presented at the IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05), Minneapolis, MN.

Lakkaraju, K., Bearavolu, R., & Yurcik, W. (2003, 2003). Nvisionip – a traffic visualization tool for security analysis of large and complex networks. Paper presented at the International Multiconference on Measurement, Modelling, and Evaluation of Computer-Communications Systems (Performance TOOLS).

Lakkaraju, K., Yurcik, W., Bearavolu, R., & Lee, A. J. (2004, 10-13 Oct. 2004). NVisionIP: an interactive network flow visualization tool for security. Paper presented at the 2004 IEEE International Conference on Systems, Man, and Cybernetics, Urbana, IL.

Lakkaraju, K., Yurcik, W., & Lee, A. J. (2004, 2004). NVisionIP: netflow visualizations of system state for security situational awareness. Paper presented at the 2004 ACM workshop on Visualization and data mining for computer security, Washington DC.

Leinhardt, G. (1983). Novices and Expert Knowledge of Individual Student's Achievement. Educational Psychologist, 18, 165-179.

Livnat, Y., Agutter, J., Moon, S., Erbacher, R. F., & Foresti, S. (2005, 17-19 June 2005). A Visualization Paradigm for Network Intrusion Detection. Paper presented at the 2005 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY.

Luse, A., Mennecke, B. E., Triplett, J., Karstens, N., & Jacobson, D. (2011). A Design Methodology and Implementation for Corporate Network Security Visualization: A Modular-Based Approach. AIS Transactions on Human-Computer Interaction, 3(2), 105-132.

Luse, A., Scheibe, K. P., & Townsend, A. M. (2008). A Component-Based Framework for Visualization of Intrusion Detection Events. Information Security Journal, 17(2), 95-107.

Mackay, J. M., & Elam, J. J. (1992). A Comparative Study of How Experts and Novices Use a Decision Aid to Solve Problems in Complex Knowledge Domains. Information Systems Research, 3(2), 150-172.

Mennecke, B. E., Crossland, M. D., & Killingsworth, B. L. (2000). Is a Map More than a Picture? An Examination of the Role of Subject Characteristics, Task Complexity, and Technology on Map Reading and Decision Making. MIS Quarterly, 24(4), 601-630.

Newell, A., & Simon, H. A. (1972). Human Problem Solving. Englewood-Cliffs, NJ: Prentice-Hall, Inc.

Oline, A., & Reiners, D. (2005, Oct. 26, 2005). Exploring three-dimensional visualization for intrusion detection. Paper presented at the IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05), Minneapolis, MN.

Richardson, R. (2008). 2008 CSI Computer Crime & Security Survey. Computer Security Institute, 1-30.

Riding, R., & Rayner, S. (1998). Cognitive styles and learning strategies. London: David Fulton Publishers.

Schepens, W., Ragsdale, D., & Surdu, J. R. (2002). The Cyber Defense Exercise: An Evaluation of the Effectiveness of Information Assurance Education. The Journal of Information Security, 1(2).

Schepens, W. J., & James, J. R. (2003). Architecture of a Cyber Defense Compeition. Paper presented at the IEEE International Conference on Systems, Man and Cybernetics.

Schoenfeld, A. H., & Herrmann, D. J. (1982). Problem Perception and Knowledge Structure in Expert and Novice Mathematical Problem Solvers. Journal of Experimental Psychology: Learning, Memory, & Cognition, 8, 484-494.

Shanteau, J. (1992). Competence in Experts: The Role of Task Characteristic. Organizational Be- havior and Human Decision Processes, 53, 252-266.

Shneiderman, B., & Plaisant, C. (2005). Designing the User Interface (4th ed.): Pearson Education, Inc.

Simon, D. P., & Simon, H. A. (1978). Individual Differences in Solving Physics Problem. In R. S. Siegler (Ed.), Childrens Thinking: What Develops? Hillsdale, NJ: Lawrence Erlbaum Associates.

Smelcer, J. B., & Carmel, E. (1997). The Effectiveness of Difference Representations for Managerial Problem Solving: Comparing Tables and Maps. Decision Sciences, 28(2), 391-420.

Sweller, J. (1988). Cognitive load during problem solving: Effects on learning. Cognitive science, 12(2), 257.

Sweller, J. (1998). Cognitive architecture and instructional design. Educational psychology review, 10(3), 251.

Swink, M., & Speier, C. (1999). Presenting Geographic Information: Effects of Data Aggregation, Dispersion, and Users’ Spatial Orientation. Decision Sciences, 30(1), 169-195.

Takada, T., & Koike, H. (2002, 10-12 July 2002). Tudumi: information visualization system for monitoring and auditing computer logs. Paper presented at the Sixth International Conference on Information Visualisation, Japan.

Venkatesh, V., Morris, M. G., Davis, G. B., & Davis, F. D. (2003). User acceptance of information technology: Toward a unified view. MIS Quarterly, 27(3), 425-478.

Vessey, I. (1991). Cognitive Fit: Theory-based Analyses of the Graphs Versus Tables Literature. Decision Sciences, 22(1), 219-241.

Vessey, I. (1994). The Effects of Information Presentation on Decision Making. Information & Management, 27(2), 103-117.

Vessey, I., & Galletta, D. (1991). Cognitive Fit: An Empirical Study of Information Acquisition. Information Systems Research, 2(1), 63-84.

Vigna, G. (2003a). Teaching Hands-On Network Security: Testbeds and Live Exercises. Journal of Information Warfare, 3(2), 8-24.

Vigna, G. (2003b). Teaching Network Security Through Live Exercises. Paper presented at the 3rd Ann. World Conf. Information Security Education (WISE 3).

Yin, X., Yurcik, W., Treaster, M., Li, Y., & Lakkaraju, K. (2004, 2004). VisFlowConnect: netflow visualizations of link relationships for security situational awareness. Paper presented at the 2004 ACM workshop on Visualization and data mining for computer security, Washington DC.