Towards a Visual Analytics Workflow for Cybersecurity Simulations

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F23%3A00130096" target="_blank" >RIV/00216224:14610/23:00130096 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.scitepress.org/Link.aspx?doi=10.5220/0011695000003417" target="_blank" >https://www.scitepress.org/Link.aspx?doi=10.5220/0011695000003417</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0011695000003417" target="_blank" >10.5220/0011695000003417</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Towards a Visual Analytics Workflow for Cybersecurity Simulations

Popis výsledku v původním jazyce

One of the contemporary grand challenges in cybersecurity research is designing and evaluating effective attack strategies on network infrastructures performed by autonomous agents. These attackers are developed and trained in simulated environments. While the simulation environments are maturing, their support for analyzing the simulation data remains limited, mainly to inspect individual simulation runs. Extending the analytical workflow to compare multiple runs and integrating visualizations could improve the design of both attack and defense strategies. Through our work, we want to spark interest in the largely overlooked domain of visual analytics for cybersecurity simulation workflows. In this paper, we a) analyze the current state of the art of using visualizations in cybersecurity simulations; b) conceptualize the three-tier analytical workflow and identify user tasks with suggested visualizations for each tier; c) demonstrate the use of visualizations that augment existing CYST simulator on several real-world tasks and discuss the limitations and lessons learned.

Název v anglickém jazyce

Towards a Visual Analytics Workflow for Cybersecurity Simulations

Popis výsledku anglicky

One of the contemporary grand challenges in cybersecurity research is designing and evaluating effective attack strategies on network infrastructures performed by autonomous agents. These attackers are developed and trained in simulated environments. While the simulation environments are maturing, their support for analyzing the simulation data remains limited, mainly to inspect individual simulation runs. Extending the analytical workflow to compare multiple runs and integrating visualizations could improve the design of both attack and defense strategies. Through our work, we want to spark interest in the largely overlooked domain of visual analytics for cybersecurity simulation workflows. In this paper, we a) analyze the current state of the art of using visualizations in cybersecurity simulations; b) conceptualize the three-tier analytical workflow and identify user tasks with suggested visualizations for each tier; c) demonstrate the use of visualizations that augment existing CYST simulator on several real-world tasks and discuss the limitations and lessons learned.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of VISIGRAPP2023 - Volume3: IVAPP

ISBN

9789897586347

ISSN

2184-4321

e-ISSN

—

Počet stran výsledku

8

Strana od-do

179-186

Název nakladatele

SCITEPRESS – Science and Technology Publications, Lda.

Místo vydání

Lisbon, Portugal

Místo konání akce

Lisbon, Portugal

Datum konání akce

19. 2. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—