Image Processing Reference
In-Depth Information
approach allows the user to see overviews of a single time step, the progression
of the data over time, drill downs to explore interesting spatial locations, including
direct data display, and finally query-based exploration for more complex analyses.
1.6.3 Security and Intelligence
Security and intelligence uncertainty factors are a natural fit for security visualization,
where making well-informed decisions is the primary goal. Enforcing security has
become a top priority among a wide range of real-life applications, for instance large
corporate or government/military networks. However, the task of decision making
is notoriously difficult due to the malicious, hidden nature of attacks, sparse sam-
pling of real-time environment, and time-critical requirements. Therefore, in security
analysis uncertainty often exists among decisions at all levels, ranging from global
scale such as “is there any malicious activity?” to finer scale such as “which enti-
ties are malicious?” or “in what order did these events actually occur?”. The results
of these decisions are used to make recommendations which can have significant
operational impact, as nodes identified as malicious will be quarantined or removed
from the network. Previously, both automated attack mitigation and interactive visu-
alization approaches have been developed for security visualization. These existing
techniques serve as a good platform for the integration of uncertainty visualizations
and interactions. For example, several visual abstractions have been explored for
detecting the sybil attack, which is a coordinated attack that can subvert many types
of networks [
24
]. Sybil attacks are challenging to detect due to their variable attack
forms and patterns. Because of this, traditional signature-based or behavior-based
methods are ineffective, and security analysts must often find these nodes through
manual analysis of their network. Visual abstractions from both adjacency matrix
of the network connections [
59
] and spectral space [
37
] are explored, which can
elucidate the signature patterns of an attack and apply automatic pattern matching
algorithms or interactive analysis methods to search for similar patterns. As the short
to existing detection mechanisms to improve the continuing analytic process. Since
uncertainty is prevalent in security applications, the impact of uncertainty should
be integrated into the entire procedure of data analysis and interactive exploration.
Many current security visualization approaches can and should be augmented with
interactions and visualizations for specifying and managing analytic uncertainty. By
integrating analytic uncertainty in security visualization, analysts are able to make
better-informed decisions regarding critical network infrastructure issues.
Search WWH ::
Custom Search