Command line or pretty lines? Comparing textual and visual interfaces for intrusion detection

Ramona Su Thompson, Esa M. Rantanen, William Yurcik, Brian P. Bailey

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Intrusion detection (ID) is one of network security engineers' most important tasks. Textual (command-line) and visual interfaces are two common modalities used to support engineers in ID. We conducted a controlled experiment comparing a representative textual and visual interface for ID to develop a deeper understanding about the relative strengths and weaknesses of each. We found that the textual interface allows users to better control the analysis of details of the data through the use of rich, powerful, and flexible commands while the visual interface allows better discovery of new attacks by offering an overview of the current state of the network. With this understanding, we recommend designing a hybrid interface that combines the strengths of textual and visual interfaces for the next generation of tools used for intrusion detection.

Original languageEnglish (US)
Title of host publicationProceedings of the SIGCHI Conference on Human Factors in Computing Systems 2007, CHI 2007
Pages1205-1214
Number of pages10
DOIs
StatePublished - Oct 22 2007
Event25th SIGCHI Conference on Human Factors in Computing Systems 2007, CHI 2007 - San Jose, CA, United States
Duration: Apr 28 2007May 3 2007

Publication series

NameConference on Human Factors in Computing Systems - Proceedings

Other

Other25th SIGCHI Conference on Human Factors in Computing Systems 2007, CHI 2007
CountryUnited States
CitySan Jose, CA
Period4/28/075/3/07

    Fingerprint

Keywords

  • Intrusion detection
  • Network security
  • Textual interfaces
  • User study
  • Visual interfaces

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Graphics and Computer-Aided Design

Cite this

Thompson, R. S., Rantanen, E. M., Yurcik, W., & Bailey, B. P. (2007). Command line or pretty lines? Comparing textual and visual interfaces for intrusion detection. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems 2007, CHI 2007 (pp. 1205-1214). (Conference on Human Factors in Computing Systems - Proceedings). https://doi.org/10.1145/1240624.1240807