Visualization evaluation for cyber security

Staheli, Diane; Yu, Tamara; Crouser, R. Jordan; Damodaran, Suresh K.; Nam, Kevin; O'Gwynn, David; McKenna, Sean Andrew; Harrison, Lane

doi:10.1145/2671491.2671492

Cited by 59 publications

(34 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Staheli et al [20] presented a survey, in 2014, of 130 VizSec (IEEE Symposium on Visualization for Cyber Security) papers which showed that little research had been conducted in determining the effectiveness of cyber-security visualization. It also showed that 46% of these papers did not have any user-involvement in the evaluation phase.…”

Section: Background Literaturementioning

confidence: 99%

“…Additionally, the evaluation techniques used to evaluate most tools were not effective in evaluating the visualizations that were produced based on the performed task nor were the evaluation techniques standardized. The lack of a common framework for standardized evaluation methods [20] has been concluded many times, but there is no research supporting the development of a framework to evaluate the effectiveness of cybersecurity visualization tools based on user requirements. Thus, creating a need for guidelines to standardize evaluation techniques and evaluate for effectiveness of performed task.…”

Section: Background Literaturementioning

confidence: 99%

“…There is an outburst of cyber-security visualization tools, but the visualizations presented by these tools are rarely evaluated for effectiveness in terms of the task they aid in performing [20]. Furthermore, most of the visuals are developed and sometimes evaluated without any involvement of users [20].…”

Section: Introductionmentioning

confidence: 99%

“…Furthermore, most of the visuals are developed and sometimes evaluated without any involvement of users [20]. The lack of user-involvement could be a result of limited access to security analysts; or due to the nature of their jobs, security analysts cannot make significant time-commitment [16].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

EEVi - framework for evaluating the effectiveness of visualization in cyber-security

Sethi

Paci

Wills

2016

2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)

View full text Add to dashboard Cite

Abstract-Cyber-security visualization is an up-and-coming area which aims to reduce security analysts' workload by presenting information as visual analytics rather than a string of text and characters. But the adoption of the resultant visualizations has not increased. The literature indicates a research gap of a lack of guidelines and standardized evaluation techniques for effective visualization in cyber-security, as a reason for it. Therefore, this research addresses the research gap by developing a framework called EEVi for effective cyber-security visualizations for the performed task. The term 'effective visualization' can be defined as the features of visualization that are crucial to perform a certain task successfully. EEVi has been developed by analyzing qualitative data that leads to the formation of cognitive relationships (called links) between data that act as guidelines for effective cyber-security visualization in terms of the performed task. The methodology to develop this framework can be applied to other fields to understand cognitive relationships between data. Additionally, the analysis presents a glimpse into the usage of EEVi in cyber-security visualization.

show abstract

Section: Background Literaturementioning

confidence: 99%

Section: Background Literaturementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

EEVi - framework for evaluating the effectiveness of visualization in cyber-security

Sethi

Paci

Wills

2016

2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)

View full text Add to dashboard Cite

show abstract

“…The visualisation of complex knowledge and information structures helps learners to better perceive complex concepts. Visual methods such as AMTs have considerable value in aiding cyber-attack perception [10,11]. Fithen et al, [12] outline the benefits of attack visualisation by arguing that AMTs enable non-experts to better understand and interpret attack models with little reference to logical models.…”

Section: Introductionmentioning

confidence: 99%

An Empirical Evaluation of the Effectiveness of Attack Graphs and Fault Trees in Cyber-Attack Perception

Lallie

Debattista

Bal

2018

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

From Cyber Security Activities to Collaborative Virtual Environments Practices Through the 3D CyberCOP Platform

Kabil

Duval

Cuppens

et al. 2018

Information Systems Security

View full text Add to dashboard Cite

Although collaborative practices between cyber organizations are well documented, managing activities within these organizations is still challenging as cyber operators tasks are very demanding and usually done individually. As human factors studies in cyber environments are still difficult to perform, tools and collaborative practices are evolving slowly and training is always required to increase teamwork efficiency. Contrary to other research fields, cyber security is not harnessing yet the capabilities of Collaborative Virtual Environments (CVE) which can be used both for immersive and interactive data visualization and serious gaming for training. In order to tackle cyber security teamwork issues, we propose a 3D CVE called the 3D Cyber Common Operational Picture, which aims at taking advantage of CVE practices to enhance cyber collaborative activities. Based on four Security Operations Centers (SOCs) visits we have made in different organizations, we have designed a cyber collaborative activity model which has been used as a reference to design our 3D CyberCOP platform features, such as asymetrical collaboration, mutual awareness and roles specialization. Our approach can be adapted to several use cases, and we are currently developing a cyber incident analysis scenario based on an event-driven architecture, as a proof of concept.

show abstract

Visualization evaluation for cyber security

Cited by 59 publications

References 37 publications

EEVi - framework for evaluating the effectiveness of visualization in cyber-security

EEVi - framework for evaluating the effectiveness of visualization in cyber-security

An Empirical Evaluation of the Effectiveness of Attack Graphs and Fault Trees in Cyber-Attack Perception

From Cyber Security Activities to Collaborative Virtual Environments Practices Through the 3D CyberCOP Platform

Contact Info

Product

Resources

About