Show Me How You See: Lessons from Studying Computer Forensics Experts for Visualization

  • T. J. Jankun-Kelly
  • Josh Franck
  • David Wilson
  • Jeffery Carver
  • David Dampier
  • J. Edward SwanII
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5210)


As the first part of a Analyze-Visualize-Validate cycle, we have initiated a domain analysis of email computer forensics to determine where visualization may be beneficial. To this end, we worked with police detectives and other forensics professionals. However, the process of designing and executing such a study with real-world experts has been a non-trivial task. This paper presents our efforts in this area and the lessons learned as guidance for other practitioners.


Task Analysis Child Pornography Computer Crime Police Detective Fraud Case 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Householder, A., Houle, K., Dougherty, C.: Computer attack trends challenge internet security. IEEE Computer 35(4), 5–7 (2002)Google Scholar
  2. 2.
    Noblett, M., Pollit, M., Presley, L.: Recovering and examining computer forensic evidence. Forensic Science Communications 2(4) (2000)Google Scholar
  3. 3.
    Wolfe, H.: Computer forensics. Computers and Security 22(1), 26–28 (2003)CrossRefGoogle Scholar
  4. 4.
    Bequai, A.: Syndicated crime and international terrorism. Computers and Security 21(4), 333–337 (2002)CrossRefGoogle Scholar
  5. 5.
    Kessler, G., Schirling, M.: Computer forensics: Cracking the books, cracking the case. Information Security, 68–81 (2002)Google Scholar
  6. 6.
    Thompson, R.: Chasing after ’petty’ computer crime. IEEE Potentials 18(1), 20–22 (1999)CrossRefGoogle Scholar
  7. 7.
    Teelink, S., Erbacher, R.F.: Improving the computer forensic analysis process through visualization. Communications of the ACM 49(2), 71–75 (2006)CrossRefGoogle Scholar
  8. 8.
    Host, M., Runeson, P.: Checklists for sofware engineering case study research. In: International Symposium on Empirical Software Engineering and Measurement, pp. 479–481 (2007)Google Scholar
  9. 9.
    Kosara, R., Healey, C.G., Interrante, V., Laidlaw, D.H., Ware, C.: User studies: Why, how, and when? IEEE Computer Graphics and Applications 23(4), 20–25 (2003)CrossRefGoogle Scholar
  10. 10.
    AccessData: (Forensic toolkit 2.0) (Last checked May 2008),
  11. 11.
    Carrier, B.: (Autopsy forensic browser) (Last checked May 2008),
  12. 12.
    Carrier, B.: Computer Forensics Basics. In: Know Your Enemy, ch. 11, 2nd edn., Addison Wesley, Reading (2004)Google Scholar
  13. 13.
    Singer, J., Lethbridge, T.: Methods for studying maintenance activities. In: Proceedings of the Workshop for Empirical Studies of Software Maintenance, pp. 105–110 (1996)Google Scholar
  14. 14.
    VanSomeren, M.W., Bernard, Y.F., Sandberg, J.A.C.: The Think Aloud Method: A Practical Guide to Modeling Cognitive Processes. Academic Press, London (1994)Google Scholar
  15. 15.
    Hackos, J.T., Redish, J.C.: User and Task Analysis for Interface Design. John Wiley & Sons, Inc., New York (1998)Google Scholar
  16. 16.
    Hix, D., Hartson, H.R.: Developing User Interfaces: Ensuring Usability through Product & Process. John Wiley & Sons, Inc., New York (1993)zbMATHGoogle Scholar
  17. 17.
    Mayhew, D.: The Usability Engineering Lifecycle: a Practitioner’s Handbook for User Interface Design. Morgan Kaufmann Publishers, San Francisco (1999)Google Scholar
  18. 18.
    Sjoberg, D.I.K., Anda, B., Arishold, E., Dyba, T., Jorgensen, M., Karahasanovic, A., Koren, E.F., Vokac, M.: Conducting realistic experiments in software engineering. In: First International Symposium on Empirical Software Engineering, pp. 17–26 (2002)Google Scholar
  19. 19.
    Stoll, J., McColgin, D., Gregory, M., Crow, V., Edwards, W.K.: Exploiting the user: Adapting personas for use in security visualization design. In: Proceedings of the Fourth Workshop on Visualization for Computer Security (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • T. J. Jankun-Kelly
    • 1
  • Josh Franck
    • 2
  • David Wilson
    • 1
  • Jeffery Carver
    • 3
  • David Dampier
    • 1
  • J. Edward SwanII
    • 1
  1. 1.Department of Computer Science and EngineeringMississippi State University 
  2. 2.Department of PsychologyMississippi State University 
  3. 3.Department of Computer ScienceUniversity of Alabama 

Personalised recommendations