TU Darmstadt / ULB / TUbiblio

A Visual Analytics Field Experiment to Evaluate Alternative Visualizations for Cyber Security Applications

Fischer, Fabian and Davey, James and Fuchs, Johannes and Thonnard, Olivier and Kohlhammer, Jörn and Keim, Daniel A. (2014):
A Visual Analytics Field Experiment to Evaluate Alternative Visualizations for Cyber Security Applications.
Eurographics Association, Goslar, In: EuroVA 2014, DOI: 10.2312/eurova.20141144,
[Conference or Workshop Item]

Abstract

The analysis and exploration of emerging threats in the Internet is important to better understand the behaviour of attackers and develop new methods to enhance cyber security. Fully automated algorithms alone are often not capable of providing actionable insights about the threat landscape. We therefore combine a multi-criteria clustering algorithm, tailor-made for the identification of such attack campaigns with three interactive visualizations, namely treemap representations, interactive node-link diagrams, and chord diagrams, to allow the analysts to visually explore and make sense of the resulting multi-dimensional clusters. To demonstrate the potential of the system, we share our lessons learned in conducting a field experiment with experts in a security response team and show how it helped them to gain new insights into various threat landscapes.

Item Type: Conference or Workshop Item
Erschienen: 2014
Creators: Fischer, Fabian and Davey, James and Fuchs, Johannes and Thonnard, Olivier and Kohlhammer, Jörn and Keim, Daniel A.
Title: A Visual Analytics Field Experiment to Evaluate Alternative Visualizations for Cyber Security Applications
Language: English
Abstract:

The analysis and exploration of emerging threats in the Internet is important to better understand the behaviour of attackers and develop new methods to enhance cyber security. Fully automated algorithms alone are often not capable of providing actionable insights about the threat landscape. We therefore combine a multi-criteria clustering algorithm, tailor-made for the identification of such attack campaigns with three interactive visualizations, namely treemap representations, interactive node-link diagrams, and chord diagrams, to allow the analysts to visually explore and make sense of the resulting multi-dimensional clusters. To demonstrate the potential of the system, we share our lessons learned in conducting a field experiment with experts in a security response team and show how it helped them to gain new insights into various threat landscapes.

Publisher: Eurographics Association, Goslar
Uncontrolled Keywords: Business Field: Visual decision support, Research Area: Human computer interaction (HCI), Network security, Clustering, Evaluation, Visual analytics, Information visualization
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Interactive Graphics Systems
Event Title: EuroVA 2014
Date Deposited: 12 Nov 2018 11:16
DOI: 10.2312/eurova.20141144
Export:

Optionen (nur für Redakteure)

View Item View Item