Skip to main content

Reflecting on the Use of Sonification for Network Monitoring

Louise Axon‚ Sadie Creese‚ Michael Goldsmith and Jason R.C. Nurse

Abstract

In Security Operations Centres (SOCs), computer networks are generally monitored using a combination of anomaly detection techniques, Intrusion Detection Systems (IDS) and data presented in visual and text-based forms. In the last two decades significant progress has been made in developing novel sonification systems to further support network monitoring tasks. A range of systems has been proposed in which sonified network data is presented for incorporation into the network monitoring process. Unfortunately, many of these have not been sufficiently validated and there is a lack of uptake in SOCs. In this paper, we describe and reflect critically on the shortcomings of traditional network-monitoring methods and identify the key role that sonification, if implemented correctly, could play in improving current monitoring capabilities. The core contribution of this position paper is in the outline of a research agenda for sonification for network monitoring, based on a review of prior research. In particular, we identify requirements for an aesthetic approach that is suitable for continuous real-time network monitoring; formalisation of an approach to designing sonifications in this space; and refinement and validation through comprehensive user testing.

Book Title
10th International Conference on Emerging Security Information‚ Systems and Technologies
ISBN
978−1−61208−493−0
ISSN
2162−2116
Keywords
Sonification; Network Security; Anomaly Detection; Network Monitoring
Pages
254–261
Year
2016