Sonification allows users to probe the data for audible rhythms, cycles, and textures, calling attention to subtle time-based structures and patterns that might have evaded visual or computational detection.
The OCR began work on Specimen Box in 2014 at the request of Microsoft's Digital Crimes Unit. Microsoft's Cybercrime Center monitors communications coming from hundreds of millions of PCs around the world that have become infected by botnet malware.
Employing data sonification together with advanced visualization techniques, Specimen Box provides a configurable multi-sensory presentation of botnet signal activity in real time. It also features a multitouch gesture-based interface for navigating, exploring, selecting, and examining the billions of signals that have previously been collected. Users can access the collected signals based on their activity levels, the geographic locations of their sources, or their daily activity patterns over time, using clustering to group sources with similar behavior.
Split views allow two different data selections to be compared. The activity of one botnet strain can be compared against another, for example, or the activity of a botnet in a certain region on a given day can be compared with its activity in a different region, or on a different day.