Security visualization has been an issue, and it continues to grow in many directions. Producing adequate security visualization designs requires knowledge of both the many aspects of visualization techniques and the security problems themselves. More beneficial designs depend on decisions that include use cases covering the security artifacts and business requirements of organizations, correct and optimal use of data sources, and selection of proper display types. To see the big picture, designers should be aware of the available data types, possible use cases, and different styles of displays. In this chapter, these properties of a large set of earlier security visualization work are depicted and classified both textually and graphically. This work also contains information on trending topics in the domain, ways of user interaction, and the evaluation and validation techniques commonly used for security visualization designs.
As the number of web applications and the corresponding number and sophistication of threats increase, creating new tools that are efficient and accessible becomes essential. Although much research concentrates on network security visualizations, only a few studies consider possible visualization options for web application vulnerabilities. Consequently, to fill this gap, this research centers on a novel perception configuration to improve web application vulnerability monitoring. This study forms a generic data structure based on data sources that can be readily associated and are commonly available for the majority of web applications. The primary contribution of this study is a new dashboard tool for visualizing dynamic application security test results. Another contribution is the set of metrics/measures that the tool presents. The paper also describes a validation study in which participants answered quiz questions after using the tool prototype. For the case study, sample data was generated using the OWASP ZAP scanner tool, and a prototype was implemented for validation purposes. This study allows the investigation of fifty metrics/measures for a multi-project/phase environment, which increases its benefit when the user aims to monitor the results of a series of analyses, and the changes between them, for more than one web project.