Abstract
Network security defense often involves uncertain data, which can lead to uncertain judgments regarding the existence and extent of attacks. However, analytic uncertainty and false positive decisions can be integrated into analysis tools to facilitate the process of decision making. This paper presents an interactive method to specify and visualize uncertain decisions to assist in the detection process of network intrusions. Uncertain decisions on the degree of suspicious activity for both temporal durations and individual nodes are integrated into the analysis process to aid in revealing hidden attack patterns. Our approach has been implemented in an existing security visualization system, which is used as the baseline for comparing the effects of the newly added uncertainty visualization component. The case studies and comparison results demonstrate that uncertainty visualization can significantly improve the decision-making process for attack detection.
Copyright information
© 2014 Springer-Verlag London
About this chapter
Cite this chapter
Harrison, L., Lu, A. (2014). Incorporating Uncertainty in Intrusion Detection to Enhance Decision Making. In: Hansen, C., Chen, M., Johnson, C., Kaufman, A., Hagen, H. (eds) Scientific Visualization. Mathematics and Visualization. Springer, London. https://doi.org/10.1007/978-1-4471-6497-5_7
DOI: https://doi.org/10.1007/978-1-4471-6497-5_7
Publisher Name: Springer, London
Print ISBN: 978-1-4471-6496-8
Online ISBN: 978-1-4471-6497-5
eBook Packages: Mathematics and Statistics, Mathematics and Statistics (R0)