Martin Graham
Developing Visualisations to Enhance an Insider Threat Product: A Case Study
Graham, Martin; Kukla, Robert; Mandrychenko, Oleksii; Hart, Darren; Kennedy, Jessie
Authors
Dr Robert Kukla R.Kukla@napier.ac.uk
Senior Research Fellow
Oleksii Mandrychenko
Darren Hart
Prof Jessie Kennedy J.Kennedy@napier.ac.uk
Enhanced Associate
Abstract
This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform's data formats, the rationale behind the visualisations' design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.
Citation
Graham, M., Kukla, R., Mandrychenko, O., Hart, D., & Kennedy, J. (2021). Developing Visualisations to Enhance an Insider Threat Product: A Case Study. In 2021 IEEE Symposium on Visualization for Cyber Security (VizSec) (47-57). https://doi.org/10.1109/VizSec53666.2021.00011
| Conference Name | 2021 IEEE Symposium on Visualization for Cyber Security (VizSec) |
|---|---|
| Conference Location | New Orleans, USA |
| Start Date | Oct 24, 2021 |
| End Date | Oct 28, 2021 |
| Acceptance Date | Jul 28, 2021 |
| Online Publication Date | Dec 7, 2021 |
| Publication Date | 2021 |
| Deposit Date | Aug 18, 2021 |
| Publicly Available Date | Dec 7, 2021 |
| Publisher | Institute of Electrical and Electronics Engineers |
| Pages | 47-57 |
| Series ISSN | 2639-4332 |
| Book Title | 2021 IEEE Symposium on Visualization for Cyber Security (VizSec) |
| DOI | https://doi.org/10.1109/VizSec53666.2021.00011 |
| Keywords | insider threat, cybersecurity, visualisation |
| Public URL | http://researchrepository.napier.ac.uk/Output/2794188 |
Files
Developing Visualisations To Enhance An Insider Threat Product: A Case Study (accepted version)
(890 Kb)
PDF
Related Outputs
Developing Visualisations to Enhance an Insider Threat Product: A Case Study
(2021)
Presentation / Conference
You might also like
Developing Visualisations to Enhance an Insider Threat Product: A Case Study
(2021)
Presentation / Conference
Visual techniques to support exploratory analysis of temporal graph data.
(2015)
Conference Proceeding
Helium: visualization of large scale plant pedigrees
(2014)
Journal Article
Visual cleaning of genotype data.
(2013)
Conference Proceeding
Pianola - visualization of multivariate time-series security event data.
(2013)
Conference Proceeding
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search