Methods of visualizing temporal patterns in and mission impact of computer security breaches

“…Indeed, much of the research on SA in cybersecurity, or cyber-SA, has primarily taken an algorithmic perspective (Orlikowski & Iacono, 2001); focusing primarily on the automation and the development of new defensive tools for protection, detection and response . Examples of this work include data visualizations (D'Amico, A. & Larkin, 2001), data fusion methods for tracking cyber-attacks (Stotz & Sudit, 2007;Yang, Shanchieh J., Stotz, Holsopple, Sudit, & Kuhl, 2009), identification of internal and external threats using * Corresponding author e-mail: mjt241@smeal.psu.edu intelligent agents (Buford, Lewis, & Jakobson, 2008;Yen et al, 2010), and the use of probabilistic models to assess network vulnerability (Peng, Li, Xinming, Peng, & Levy, 2010;Tadda, G., Salerno, Boulware, Hinman, & Gorton, 2006).…”

A human-in-the-loop approach to understanding situation awareness in cyber defence analysis

“…Indeed, much of the research on SA in cybersecurity, or cyber-SA, has primarily taken an algorithmic perspective (Orlikowski & Iacono, 2001); focusing primarily on the automation and the development of new defensive tools for protection, detection and response . Examples of this work include data visualizations (D'Amico, A. & Larkin, 2001), data fusion methods for tracking cyber-attacks (Stotz & Sudit, 2007;Yang, Shanchieh J., Stotz, Holsopple, Sudit, & Kuhl, 2009), identification of internal and external threats using * Corresponding author e-mail: mjt241@smeal.psu.edu intelligent agents (Buford, Lewis, & Jakobson, 2008;Yen et al, 2010), and the use of probabilistic models to assess network vulnerability (Peng, Li, Xinming, Peng, & Levy, 2010;Tadda, G., Salerno, Boulware, Hinman, & Gorton, 2006).…”

A human-in-the-loop approach to understanding situation awareness in cyber defence analysis

VisAlert: From Idea to Product

Putting Security in Context: Visual Correlation of Network Activity with Real-World Information