Martin Graham, R. Kukla, O. Mandrychenko, D. Hart, J. Kennedy
{"title":"开发可视化以增强内部威胁产品:案例研究","authors":"Martin Graham, R. Kukla, O. Mandrychenko, D. Hart, J. Kennedy","doi":"10.1109/VizSec53666.2021.00011","DOIUrl":null,"url":null,"abstract":"This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform’s data formats, the rationale behind the visualisations’ design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.","PeriodicalId":183519,"journal":{"name":"2021 IEEE Symposium on Visualization for Cyber Security (VizSec)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Developing Visualisations to Enhance an Insider Threat Product: A Case Study\",\"authors\":\"Martin Graham, R. Kukla, O. Mandrychenko, D. Hart, J. Kennedy\",\"doi\":\"10.1109/VizSec53666.2021.00011\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform’s data formats, the rationale behind the visualisations’ design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.\",\"PeriodicalId\":183519,\"journal\":{\"name\":\"2021 IEEE Symposium on Visualization for Cyber Security (VizSec)\",\"volume\":\"83 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE Symposium on Visualization for Cyber Security (VizSec)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/VizSec53666.2021.00011\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Symposium on Visualization for Cyber Security (VizSec)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/VizSec53666.2021.00011","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Developing Visualisations to Enhance an Insider Threat Product: A Case Study
This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform’s data formats, the rationale behind the visualisations’ design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
