Towards a Visual Analytics Workflow for Cybersecurity Simulations

Investor logo

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Institute of Computer Science. Official publication website can be found on muni.cz.
Authors

RUSŇÁK Vít DRAŠAR Martin

Year of publication 2023
Type Article in Proceedings
Conference Proceedings of VISIGRAPP2023 - Volume3: IVAPP
MU Faculty or unit

Institute of Computer Science

Citation
Web https://www.scitepress.org/Link.aspx?doi=10.5220/0011695000003417
Doi http://dx.doi.org/10.5220/0011695000003417
Keywords cybersecurity; attack simulator; visualizations; analytical workflow; task typology
Attached files
Description One of the contemporary grand challenges in cybersecurity research is designing and evaluating effective attack strategies on network infrastructures performed by autonomous agents. These attackers are developed and trained in simulated environments. While the simulation environments are maturing, their support for analyzing the simulation data remains limited, mainly to inspect individual simulation runs. Extending the analytical workflow to compare multiple runs and integrating visualizations could improve the design of both attack and defense strategies. Through our work, we want to spark interest in the largely overlooked domain of visual analytics for cybersecurity simulation workflows. In this paper, we a) analyze the current state of the art of using visualizations in cybersecurity simulations; b) conceptualize the three-tier analytical workflow and identify user tasks with suggested visualizations for each tier; c) demonstrate the use of visualizations that augment existing CYST simulator on several real-world tasks and discuss the limitations and lessons learned.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.