VizSEC 2007 pp 19-37

The Real Work of Computer Network Defense Analysts

The Analysis Roles and Processes that Transform Network Data into Security Situation Awareness
  • A. D’Amico
  • K. Whitley
Part of the Mathematics and Visualization book series (MATHVISUAL)


This paper reports on investigations of how computer network defense (CND) analysts conduct their analysis on a day-to-day basis and discusses the implications of these cognitive requirements for designing effective CND visualizations. The supporting data come from a cognitive task analysis (CTA) conducted to baseline the state of the practice in the U.S. Department of Defense CND community. The CTA collected data from CND analysts about their analytic goals, workflow, tasks, types of decisions made, data sources used to make those decisions, cognitive demands, tools used and the biggest challenges that they face. The effort focused on understanding how CND analysts inspect raw data and build their comprehension into a diagnosis or decision, especially in cases requiring data fusion and correlation across multiple data sources. This paper covers three of the findings from the CND CTA: (1) the hierarchy of data created as the analytical process transforms data into security situation awareness; (2) the definition and description of different CND analysis roles; and (3) the workflow that analysts and analytical organizations engage in to produce analytic conclusions.


Keywords: Situation Awareness; Incident Report; Forensic Analysis; Internet Protocol Address; Shared Mental Model
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • A. D’Amico (1)
  • K. Whitley (2)
  1. Secure Decisions division of Applied Visions, Inc., USA
  2. Department of Defense, USA
