Towards a Visual Analytics Workflow for Cybersecurity Simulations
| Authors | |
|---|---|
| Year of publication | 2023 |
| Type | Article in Proceedings |
| Conference | Proceedings of VISIGRAPP2023 - Volume3: IVAPP |
| MU Faculty or unit | |
| Citation | |
| Web | https://www.scitepress.org/Link.aspx?doi=10.5220/0011695000003417 |
| Doi | http://dx.doi.org/10.5220/0011695000003417 |
| Keywords | cybersecurity; attack simulator; visualizations; analytical workflow; task typology |
| Attached files | |
| Description | One of the contemporary grand challenges in cybersecurity research is designing and evaluating effective attack strategies on network infrastructures performed by autonomous agents. These attackers are developed and trained in simulated environments. While the simulation environments are maturing, their support for analyzing the simulation data remains limited, mainly to inspect individual simulation runs. Extending the analytical workflow to compare multiple runs and integrating visualizations could improve the design of both attack and defense strategies. Through our work, we want to spark interest in the largely overlooked domain of visual analytics for cybersecurity simulation workflows. In this paper, we a) analyze the current state of the art of using visualizations in cybersecurity simulations; b) conceptualize the three-tier analytical workflow and identify user tasks with suggested visualizations for each tier; c) demonstrate the use of visualizations that augment existing CYST simulator on several real-world tasks and discuss the limitations and lessons learned. |
| Related projects: |