CT-ISG: Empirically-Based Visualization for Computer Security and Forensics
Mississippi State University, Mississippi State MS
Investigators
T. J. Jankun-Kelly, Mississippi State University
0627407 Panel P060969
Abstract
This research investigates a process for developing empirically validated computer security and digital forensics visualization tools. The amount of security and forensics data is too immense for an analyst to understand directly; this project uses computer-generated depictions of this information to facilitate comprehension of the data and to reduce the decision time required to act upon it. To validate that the generated visualizations are effective (vital for the visualization's products to be used in a court of law), an empirical validation of the developed tools is being performed.

Two problem domains are explored by this research: network security (the securing of Internet traffic) and computer forensics (the process of gathering evidence on digital devices). For each, a thorough domain analysis is being performed in cooperation with network analysts and law enforcement officials in order to identify their data of interest and required tasks. This domain analysis informs the design of the visualizations, which in turn are being validated via user studies involving the pertinent users.

The results of this research will address pressing needs in network security and computer forensics: the data involved in each is too demanding for direct analysis. First, tools with measurable benefits will be provided to the user community. Secondly, the process used to create said tools will inform the development of similar tools in order to promote demonstrably rigorous and effective visualization methods.