Risk visualization and alerting system: architecture and proof-of-concept implementation

Abstract

The number of computer security incidents is rising in unison with the development of cyber-society. One reason for this is a lack of users' security awareness. The widespread use of mobile devices further complicates this problem. An approach for raising the awareness level is introducing a system that visualizes and issues alerts of security risks end-users. This paper introduces the architecture of such a system. It analyzes information by monitoring the user's end-to-end communication and its related entities, looks up knowledge bases, and provides alerts by directly visualizing risks to the user. One characteristic of this system is its ability to enable customized visualization for each user, which boosts the user's risk awareness and understanding. This paper also introduces the system's proof-of-concept implementation, which demonstrates the architecture's feasibility. Based on the prototype, the paper discusses the direction of further technical development.