Information system log visualization to monitor anomalous user activity based on time

摘要

As information systems start to manage the more crucial parts of human lives, their security cannot be neglected. One way to ensure the security is by analyzing their generated log files of anomalous user activity. Data visualization has become a common solution to help get around the problems in log analysis. In this paper, we tried to determine key characteristics of effective data visualization on detecting those anomalous user activity recorded in log files. First we analyzed the log data we have and derived 4 anomalies whose indicators are made into visualization topics. Hence we built 4 data visualizations to detect the 4 anomalies. Next, we transformed our data so that they can be visualized. After that, we analyzed the suitable time-based data visualization method to represent our data and decided on heatmap for its wide application on existing solutions and dot plot for it is able to accommodate all data variables needed on every visualization topic and has the suitable nuance for monitoring purposes. Next we decided on design concept of our data visualizations and implemented them as web-based data visualization. We conducted 2 tests in this paper to determine the key characteristics of effective data visualization. Even though the results are inconclusive, but they hinted that an effective data visualization on this matter should support large amount of perceived information through cognition and support focused exploration.