Enhancing Cyber Defense Situational Awareness Using 3D Visualizations

Thumbnail Image

Files

EnhancingCyberDefenseSituationalAwarenessUsing3DVisualizations.pdf (435.01 KB)

Links to Files

https://www.proquest.com/openview/2c394056c4883bb29f2c1cd53590b453/1?pq-origsite=gscholar&cbl=396500

Permanent Link

http://hdl.handle.net/11603/26338

Collections

UMBC Center for Space Sciences and Technology (CSST) / Center for Research and Exploration in Space Sciences & Technology II (CRSST II)

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0001-9480-0583

Date

2018-03

Type of Work

conference papers and proceedings
journal articles
Text

Department

Program

Citation of Original Publication

Kullman, K.; Cowley, J.; Ben-Asher, N. (2018). Enhancing Cyber ​​Defense Situational Awareness Using 3D Visualizations. Proceedings of the 13th International Conference on Cyber ​​Warfare and Security ICCWS 2018: National Defense University, Washington DC, USA 8-9 March 2018. Ed. JS Hurley, JQ Chen. Academic Conferences and Publishing International Limited, 369−378. https://www.researchgate.net/publication/323694322_Enhancing_Cyber_Defense_Situational_Awareness_Using_3D_Visualizations

Rights

This work was written as part of one of the author's official duties as an Employee of the United States Government and is therefore a work of the United States Government. In accordance with 17 U.S.C. 105, no copyright protection is available for such works under U.S. Law.
Public Domain Mark 1.0

Subjects

Abstract

The human visual system is generally more adept at inferring meaning from graphical objects and natural scene elements than reading alphanumeric characters. Graphical objects like charts and graphs in cybersecurity dashboards often lack the requisite numbers of features to depict behaviors of complex network data. For example, bar charts afford few features to encode a panoply of parameters in network data. Furthermore, dashboard visualizations seldom support the transition of human work from situation awareness building to requisite responses during intrusion detection events. This research effort aims to identify how graphical objects (also referred as data-shapes) depicted in Virtual Reality tools, developed in accordance with an analyst’s mental model of an intrusion detection event, can enhance analyst’s situation awareness. We demonstrate the proposed approach using Locked Shields 16 CDX network traffic. Implications of this study and future case study are discussed.