01567nas a2200193   4500000000100000000000100001008004100002260000900043653003000052653002400082653001900106653000800125100001700133700002000150245007400170300001200244490000700256520111000263       2003                            d  c200310ainformation visualization10aintrusion detection10amobile devices10aPDA1 aAndrea Sanna1 aClaudio Fornaro00aIMoViS: A System for Mobile Visualization of Intrusion Detection Data  a235-2490 v123 a<p>Mobile devices, such as PDAs, allow a sort of ubiquitous access to the Internet. This can be of great value to all disciplines where information has to be conveyed to the user in “real time” independently of his/her physical location. Intrusion detection applications can take advantage of the use of mobile devices by allowing a constant monitoring of the state of a computer system. This paper proposes an integrated framework to visualize intrusion detection data on PDAs. The Snort ID system is used to detect attacks and intrusions and to store the collected information into a database. The information is processed by software called Guardian that produces the actual data to be fed to the visualization application. The proposed architecture is tailored for monitoring large buildings by organizing spatial data information in a hierarchical way. The user can discover and manage attacks/intrusions at the top level of the hierarchy (the entire building), as well as at the leaf level (the single machine placed into a room), where detailed information about the attack can be obtained.</p>