ABSTRACT
The Sandbox is a flexible and expressive thinking environment that supports both ad-hoc and more formal analytical tasks. It is the evidence marshalling and sense-making component for the analytical software environment called nSpace. This paper presents innovative Sandbox human information interaction capabilities and the rationale underlying them including direct observations of analysis work as well as structured interviews. Key capabilities for the Sandbox include "put-this-there" cognition, automatic process model templates, gestures for the fluid expression of thought, assertions with evidence and scalability mechanisms to support larger analysis tasks. The Sandbox integrates advanced computational linguistic functions using a Web Services interface and protocol. An independent third party evaluation experiment with the Sandbox has been completed. The experiment showed that analyst subjects using the Sandbox did higher quality analysis in less time than with standard tools. Usability test results indicated the analysts became proficient in using the Sandbox with three hours of training.
- Alonso, R. and H. Li, Combating Cognitive Biases in Information Retrieval, In Proc. International Conference on Intelligence Analysis, 2005.]]Google Scholar
- ARDA Novel Intelligence From Massive Data, NIMD, http://www.ic-arda.org/Novel_Intelligence/ , 2002.]]Google Scholar
- Bodnar, J.W., Warning Analysis for the Information Age: Rethinking the Intelligence Process, Joint Military Intelligence College (JMIC), December, 2003.]]Google Scholar
- Caid, W. and Pu Oing, System and Method of Context Vector Generation and Retrieval, United States Patent 5,619,709, 1997.]]Google Scholar
- Card, Stuart, J. Mackinlay, B. Shneiderman Readings in Information Visualization, Morgan Kaufman Publishers, San Francisco, CA., 1999.]] Google ScholarDigital Library
- Cowley, P., L. Nowell, J. Scholtz, Glass Box: An Instrumented Infrastructure for Supporting Human Interaction with Information, In Proc. Hawaii International Conf. on System Sciences, 2005, 296.3]] Google ScholarDigital Library
- Hampson, E., and P. Cowley, Instrumenting the Intelligence Analysis Process, In Proc. International Conference on Intelligence Analysis, 2005.]]Google Scholar
- Heuer, Richard, Psychology of Intelligence Analysis, Center for the Study of Intelligence, 1999.]]Google Scholar
- Hughes, F. and D. Schum, Discovery-Proof-Choice, The Art and Science of the Process of Intelligence Analysis -- Preparing for the Future of Intelligence Analysis, JMIC Joint Military Intelligence College, 2003.]]Google Scholar
- Hutchings, D. and J. Stasko, QuickSpace, Short Paper, ACM CHI Conference, 2002, 802--803.]] Google ScholarDigital Library
- Institute for Human Machine Cognition, University of West Florida., Cmap Tools, http://cmap.ihmc.us/]]Google Scholar
- i2 Limited., http://www.i2inc.com]]Google Scholar
- Jonker, D., W. Wright, D. Schroh, P. Proulx and B. Cort, Information Triage with TRIST, In Proc. International Conference on Intelligence Analysis, 2005.]]Google Scholar
- Johnston, R., Analytic Culture in the U.S. Intelligence Community, Center for the Study of Intelligence, Government Printing Office, Pittsburgh, PA.]]Google Scholar
- Kapler, T. and W. Wright, GeoTime Information Visualization, Information Visualization Journal, Palgrave Macmillan, 4,(2), Summer 2005, 136--146.]] Google ScholarDigital Library
- Larkin, J. and H. Simon, Why a Diagram is (Sometimes) Worth Ten Thousand Words, Cognitive Science, 11(1), 1987, 65--99.]]Google Scholar
- Mindjet Inc., http://www.mindjet.com]]Google Scholar
- Morse, E., M. Potts Steves and J. Scholtz, Metrics and Methodologies for Evaluating Technologies for Intelligence Analysts, In Proc. Conference on Intelligence Analysis, 2005.]]Google Scholar
- Mynatt, E., T. Igarashi, K. Edwards, A. LaMarca, Designing an Augmented Writing Surface, IEEE Computer Graphics and Applications, July 2000, 55--61.]] Google ScholarDigital Library
- Pirolli, P. and S, Card, Information Foraging in Information Access Environments, In Proc. SIGCHI Conference on Human Factors, 1995, 51--58.]] Google ScholarDigital Library
- Pirolli, P. and S, Card, The Sensemaking Process and Leverage Points for Analyst Technology as Identified Through Cognitive Task Analysis, In Proc. International Conference on Intelligence Analysis, 2005.]]Google Scholar
- Robertson, G., M. Czerwinski, , K. Larson, D. Robbins, D. Thiel and M. van Dantzich, Data Mountain, In Proc. ACM Symposium on UIST, 1998, 153--162.]] Google ScholarDigital Library
- Rose, Russ, ChairP1000 Committee, P1000 Report, Office of Research and Development, CIA, 1996.]]Google Scholar
- Visual Analytics Inc., http://www.visualanalytics.com]]Google Scholar
- Wright, William and Kapler, Thomas, Speaking with Analysts -- Observations of Current Practices with Massive Data, submitted to Journal of Intelligence Community Research and Development.]]Google Scholar
Index Terms
- The Sandbox for analysis: concepts and methods
Recommendations
Interactive Exploration of Data Traffic with Hierarchical Network Maps
Network communication has become indispensable in business, education, and government. With the pervasive role of the Internet as a means of sharing information across networks, its misuse for destructive purposes, such as spreading malicious code, ...
Vulnerability in Public Malware Sandbox Analysis Systems
SAINT '10: Proceedings of the 2010 10th IEEE/IPSJ International Symposium on Applications and the InternetThe use of Public Malware Sandbox Analysis Systems (public MSASs) which receives online submissions of possibly malicious executables from an arbitrary user, analyzes their behavior by executing them in a testing environment (i.e., a sandbox), and sends ...
Focusing on Context in Network Traffic Analysis
Intrusion detection analysis requires understanding the context of an event, usually discovered by examining packet-level detail. When analysts attempt to construct the big picture of a security event, they must move between high-level representations ...
Comments