Skip to main content

Research Repository

Advanced Search

Developing Visualisations to Enhance an Insider Threat Product: A Case Study

Graham, Martin; Kukla, Robert; Mandrychenko, Oleksii; Hart, Darren; Kennedy, Jessie

Authors

Martin Graham

Oleksii Mandrychenko

Darren Hart



Abstract

This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform's data formats, the rationale behind the visualisations' design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.

Presentation Conference Type Conference Paper (Published)
Conference Name 2021 IEEE Symposium on Visualization for Cyber Security (VizSec)
Start Date Oct 24, 2021
End Date Oct 28, 2021
Acceptance Date Jul 28, 2021
Online Publication Date Dec 7, 2021
Publication Date 2021
Deposit Date Aug 18, 2021
Publicly Available Date Dec 7, 2021
Publisher Institute of Electrical and Electronics Engineers
Pages 47-57
Series ISSN 2639-4332
Book Title 2021 IEEE Symposium on Visualization for Cyber Security (VizSec)
DOI https://doi.org/10.1109/VizSec53666.2021.00011
Keywords insider threat, cybersecurity, visualisation
Public URL http://researchrepository.napier.ac.uk/Output/2794188

Files

Developing Visualisations To Enhance An Insider Threat Product: A Case Study (accepted version) (890 Kb)
PDF






You might also like



Downloadable Citations