2016 IEEE Symposium on Visualization for Cyber Security (VizSec)最新文献

筛选

英文中文

Mixed method approach to identify analytic questions to be visualized for military cyber incident handlers 为军事网络事件处理人员识别可视化分析问题的混合方法

2016 IEEE Symposium on Visualization for Cyber Security (VizSec) Pub Date : 2016-10-01 DOI: 10.1109/VIZSEC.2016.7739578

Laurin Buchanan, A. D'Amico, D. Kirkpatrick

{"title":"Mixed method approach to identify analytic questions to be visualized for military cyber incident handlers","authors":"Laurin Buchanan, A. D'Amico, D. Kirkpatrick","doi":"10.1109/VIZSEC.2016.7739578","DOIUrl":"https://doi.org/10.1109/VIZSEC.2016.7739578","url":null,"abstract":"Our multi-disciplinary team developed and applied a 6-step mixed method approach to efficiently identify the cognitive work of early stage military cyber incident handlers, extract a subset of that work that could benefit from visualization, and specify the information needs as Analytic Questions (AQs) posed by operators that the visualizations would have to support. The methodology included a survey of subject matter experts to validate that the major findings of prior research on the cognitive work of cyber defenders, conducted over a decade ago, are still valid today. It also utilized a Goal Directed Task Analysis (GDTA) structure to represent the major task, goals, decisions, AQs and data source requirements of early stage cyber incident handlers. This yielded 40 AQs which are reported in this paper. Knowledge Elicitation (KE) interviews of domain practitioners were used to select the AQs with greatest potential for incorporation into a follow-on project to measure the effects of visualization on early stage incident handler performance. The AQs represent measurable units of cognitive work which must be performed using available data in a severely time-constrained work environment. Thus, they can serve as indicators of operator performance to be used in experiments on the effectiveness of visualization for event detection and preliminary analysis. They can also provide requirements for visualization designers and security products.","PeriodicalId":307308,"journal":{"name":"2016 IEEE Symposium on Visualization for Cyber Security (VizSec)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130409766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 7

CyberPetri at CDX 2016: Real-time network situation awareness CyberPetri在CDX 2016上:实时网络态势感知

2016 IEEE Symposium on Visualization for Cyber Security (VizSec) Pub Date : 2016-10-01 DOI: 10.1109/VIZSEC.2016.7739584

Dustin L. Arendt, D. Best, R. Burtner, C. L. Paul

引用次数: 20

首页上一页