Browsing by Author "Kullman, Kaur"
Now showing 1 - 11 of 11
Results Per Page
ItemA 3D Mixed Reality Visualization of Network Topology and Activity Results in Better Dyadic Cyber Team Communication and Cyber Situational Awareness(Frontier, 2023-01-27) Ask, Torvald F.; Kullman, Kaur; Sütterlin, Stefan; Knox, Benjamin J.; Engel, Don; Lugo, Ricardo G.Cyber defense decision-making during cyber threat situations is based on human-to-human communication aiming to establish a shared cyber situational awareness. Previous studies suggested that communication inefficiencies were among the biggest problems facing security operation center teams. There is a need for tools that allow for more efficient communication of cyber threat information between individuals both in education and during cyber threat situations. In the present study, we compared how the visual representation of network topology and traffic in 3D mixed reality versus 2D affected team performance in a sample of cyber cadets (N = 22) cooperating in dyads. Performance outcomes included network topology recognition, cyber situational awareness, confidence in judgements, experienced communication demands, observed verbal communication, and forced choice decision-making. The study utilized network data from the NATO CCDCOE 2022 Locked Shields cyber defense exercise. We found that participants using the 3D mixed reality visualization had better cyber situational awareness than participants in the 2D group. The most apparent difference was in the detection of the top five Red Team hosts targeting Blue Team systems, where the traffic associated with the identified Red Team hosts differed in the tens of thousands between the groups. The 3D mixed reality group was generally more confident in their judgments except when performing worse than the 2D group on the topology recognition task (which favored the 2D condition). Participants in the 3D mixed reality group experienced less communication demands, and performed more verbal communication aimed at establishing a shared mental model and less communications discussing task resolution. There were no differences in decision-making between the groups. This could be due to cohort effects such as formal training or the modest sample size. This is the first study comparing the effect of 3D mixed reality and 2D visualizations of network topology on dyadic cyber team communication and cyber situational awareness. Using 3D mixed reality visualizations resulted in better cyber situational awareness and team communication. The experiment should be repeated in a larger and more diverse sample to determine its potential effect on decision-making. ItemEnhancing Cyber Defense Situational Awareness Using 3D Visualizations(Academic Conferences and Publishing International Limited, 2018-03) Kullman, Kaur; Cowley, Jennifer; Ben-Asher, NoamThe human visual system is generally more adept at inferring meaning from graphical objects and natural scene elements than reading alphanumeric characters. Graphical objects like charts and graphs in cybersecurity dashboards often lack the requisite numbers of features to depict behaviors of complex network data. For example, bar charts afford few features to encode a panoply of parameters in network data. Furthermore, dashboard visualizations seldom support the transition of human work from situation awareness building to requisite responses during intrusion detection events. This research effort aims to identify how graphical objects (also referred as data-shapes) depicted in Virtual Reality tools, developed in accordance with an analyst’s mental model of an intrusion detection event, can enhance analyst’s situation awareness. We demonstrate the proposed approach using Locked Shields 16 CDX network traffic. Implications of this study and future case study are discussed. ItemEukaryotic genome size databases(Ofxord University Press, 2006-11-07) Gregory, T. Ryan; Nicol, James A.; Tamm, Heidi; Kullman, Bellis; Kullman, Kaur; Leitch, Ilia J.; Murray, Brian G.; Kapraun, Donald F.; Greilhuber, Johann; Bennett, Michael D.Three independent databases of eukaryotic genome size information have been launched or re-released in updated form since 2005: the Plant DNA C-values Database (www.kew.org/genomesize/homepage. html), the Animal Genome Size Database (www. genomesize.com) and the Fungal Genome Size Database (www.zbi.ee/fungal-genomesize/). In total, these databases provide freely accessible genome size data for >10 000 species of eukaryotes assembled from more than 50 years’ worth of literature. Such data are of significant importance to the genomics and broader scientific community as fundamental features of genome structure, for genomics-based comparative biodiversity studies, and as direct estimators of the cost of complete sequencing programs. ItemInteractive Stereoscopically Perceivable Multidimensional Data Visualizations for Cybersecurity(Journal of Defence & Security Technologies, 2021-12-12) Kullman, Kaur; Engel, DonInteractive Data Visualizations (IDV) can be useful for cybersecurity subject matter experts (CSMEs) while they are exploring new data or investigating familiar datasets for anomalies, correlating events, etc. For an IDV to be useful to a CSME, interaction with that visualization should be simple and intuitive (free of additional mental tasks) and the visualization’s layout must map to a CSME’s understanding. While CSMEs may learn to interpret visualizations created by others, they should be encouraged to visualize their datasets in ways that best reflect their own ways of thinking. Developing their own visual schemes makes optimal use of both the data analysis tools and human visual cognition. In this article, we focus on a currently available interactive stereoscopically perceivable multidimensional data visualization solution, as such tools could provide CSMEs with better perception of their data compared to interpreting IDV on flat media (whether visualized as 2D or 3D structures). ItemMental Model Mapping Method for Cybersecurity(Springer Nature, 2020-07-10) Kullman, Kaur; Buchanan, Laurin; Komlodi, Anita; Engel, DonVisualizations can enhance the efficiency of Cyber Defense Analysts, Cyber Defense Incident Responders and Network Operations Specialists (Subject Matter Experts, SME) by providing contextual information for various cybersecurity-related datasets and data sources. We propose that customized, stereoscopic 3D visualizations, aligned with SMEs internalized representations of their data, may enhance their capability to understand the state of their systems in ways that flat displays with either text, 2D or 3D visualizations cannot afford. For these visualizations to be useful and efficient, we need to align these to SMEs internalized understanding of their data. In this paper we propose a method for interviewing SMEs to extract their implicit and explicit understanding of the data that they work with, to create useful, interactive, stereoscopically perceivable visualizations that would assist them with their tasks. ItemOperator Impressions of 3D Visualizations for Cybersecurity Analysts(2019-07) Kullman, Kaur; Asher, Noam Ben; Sample, CharCybersecurity analysts ingest and process significant amounts of data from diverse sources in order to acquire network situation awareness. Visualizations can enhance the efficiency of analysts’ workflow by providing contextual information, various sets of cybersecurity related data, information regarding alerts, among others. However, textual displays and 2D visualizations have limited capabilities in displaying complex, dynamic and multidimensional information. There have been many attempts to visualize data in 3D, while being displayed on 2D displays, but success has been limited. We propose that customized, stereoscopically perceivable 3D visualizations aligned with analysts’ internal representations of network topology, may enhance their capability to understand their networks’ state in ways that 2D displays cannot afford. These 3D visualizations may also provide a path for users who are trained and comfortable with textual and 2D representations of data to assess visualization methods that may be suitably aligned to implicit knowledge of their networks. Thus, the premise of custom datavisualizations forms the foundation for this study. Herein, we report on findings from a comparative, qualitative, within-subjects usability analysis between 2D and 3D representations of the same network traffic dataset. Study participants (analysts) provided information on: 1.) ability to create an initial understanding of the network, 2.) ease of finding task-relevant information in the representation, and 3.) overall usability. Results indicated that interviewees indicated a preference for 3D visualizations over the 2D alternatives and we discuss possible explanations for this preference. ItemUser Interactions in Virtual Data Explorer(Springer, 2022-06-16) Kullman, Kaur; Engel, DonCybersecurity practitioners face the challenge of monitoring complex and large datasets. These could be visualized as time-varying node-link graphs, but would still have complex topologies and very high rates of change in the attributes of their links (representing network activity). It is natural, then, that the needs of the cybersecurity domain have driven many innovations in 2D visualization and related computer-assisted decision making. Here, we discuss the lessons learned while implementing user interactions for Virtual Data Explorer (VDE), a novel system for immersive visualization (both in Mixed and Virtual Reality) of complex time-varying graphs. VDE can be used with any dataset to render its topological layout and overlay that with time-varying graph; VDE was inspired by the needs of cybersecurity professionals engaged in computer network defense (CND). Immersive data visualization using VDE enables intuitive semantic zooming, where the semantic zoom levels are determined by the spatial position of the headset, the spatial position of handheld controllers, and user interactions (UIa) with those controllers. This spatially driven semantic zooming is quite different from most other network visualizations which have been attempted with time-varying graphs of the sort needed for CND, presenting a broad design space to be evaluated for overall user experience (UX) optimization. In this paper, we discuss these design choices, as informed by CND experts, with a particular focus on network topology abstraction with graph visualization, semantic zooming on increasing levels of network detail, and semantic zooming to show increasing levels of detail with textual labels. ItemUsing XR for Improving Scientific Discovery with Numerical Weather Models(IEEE, 2023-10-20) Grubb, Thomas; Kullman, Kaur; Clune, Thomas; Lait, Leslie; Zwicker, Matthias; Guimond, Stephen; West, Ruth; Eastman, Roger; Afflerbach, Ian; Engel, DonOur work explores the use of extended reality (XR) to improve scientific discovery with numerical weather/climate models that inform Earth science digital twins, specifically the NASA Goddard Earth Observing System (GEOS) global atmospheric model. The overall project is named the Visualization And Lagrangian dynamics Immersive eXtended Reality Toolkit (VALIXR), which has two main areas of focus: (1) enhancing the understanding of and interaction with model output data through advanced visualizations in the XR environment, and (2) the integration of Lagrangian dynamics into the GEOS model, which allows a natural, feature-specific analysis of Earth science phenomena as opposed to traditional, fixed-point Eulerian dynamics. Here, we report initial work on these focus areas. ItemVirtual Data ExplorerKullman, KaurVirtual Data Explorer is a set of software components, that allow you to visualize and explore your computer network topology as a set of 3D data-shapes, using Virtual and / or Mixed Reality headsets. Our brain is really good at perceiving objects in Real Reality, say, the shape of your hand. But its not that good at grasping the precise three-dimensional shape of your hand on the screen of your computer. Hence its quite tricky to have 3D data visualizations as part of our everyday data-analysis workflow, if we’d have to ingest these from a flat screen. Behold: the umpteenth-generation XR headsets! Now these fancy things are (finally) able to provide us with the capability to immerse in stereoscopically perceivable data visualization. This allows us to create (non-geospatial!) network topology visualizations that map to our (or your NOC/SOC operator’s) understanding of the sets of networked entities (say, computers, toasters, drones, nukes, roombas, etc.) that are participating in the to-be protected networks. ItemVR/MR Supporting the Future of Defensive Cyber Operations(Elsevier, 2019-12-24) Kullman, Kaur; Ryan, Matt; Trossbach, LeeUS Army C5ISR Center Cyber Security Service Provider (CSSP) is a 24/7 Defensive Cyber Operations (DCO) organization that defends US Department of Defense and US Army networks from hostile cyber activity, as well as develops technologies and capabilities for use by DCO operators within the DoD. In recent years, C5ISR Center CSSP has been researching various advanced data visualization concepts and strategies to enhance the speed and efficiency of cybersecurity analyst’s workflow. To achieve these goals Virtual and Mixed Reality (VR/MR) tools have been employed to investigate, whether these mediums would enable useful remote collaboration of DCO operators and whether stereoscopically perceivable 3D data visualizations would enable DCO operators to gain improved hindsight into their datasets. We’ll be giving overview of the capabilities being developed as aligned to our research and operational requirements, our expected outcomes of using VR/MR in training and operational cyber environments and our planned path to accomplish these goals.