Crush Your Data with ViC2ES Then CHISSL Away

  title={Crush Your Data with ViC2ES Then CHISSL Away},
  author={Dustin L. Arendt and Lyndsey R. Franklin and Fumeng Yang and Brooke R. Brisbois and Ryan R. LaMothe},
  journal={2018 IEEE Symposium on Visualization for Cyber Security (VizSec)},
Insider Threat Detection is one of the greatest challenges for organizational cybersecurity [2. [] Key Method [3], [4] We explored different visual compression techniques with binning or run length encoding, resulting in four unique designs built upon the same icon array presentation. We evaluated these four designs for both low-level and high-level tasks in two experiments: in Experiment I, participants performed perceptual tasks such as selecting the most and least similar activities for each of the…

Figures from this paper

A Gap Analysis of Visual and Functional Requirements in Cybersecurity Monitoring Tools

A trend analysis of latest research contributions presented in VizSec symposia in terms of visualization techniques and functional requirements is conducted and a deficiency concerning the requirements of collaboration, enhanced situational awareness, multi-stakeholder involvement, and multi-Stakeholder visualization were identified.

Developing Visualisations to Enhance an Insider Threat Product: A Case Study

This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals.

Analysis of the Design Space for Cybersecurity Visualizations in VizSec

Research on the analysis of the design space for cybersecurity visualizations in VizSec shows how research papers align with five key components of visualization design, i.e. Input Data, Security Tasks, Visual Encoding, Interactivity, and Evaluation.

The use of virtual reality interfaces in the field of information security

An overview of existing solutions to computer security problems using virtual and augmented reality interfaces, as well as an overview and classification of the identified threats for these interfaces themselves are provided.



Visualizing the insider threat: challenges and tools for identifying malicious user activity

  • P. Legg
  • Computer Science
    2015 IEEE Symposium on Visualization for Cyber Security (VizSec)
  • 2015
This work presents a visual analytics approach that incorporates multiple views, including a user selection tool that indicates anomalous behaviour, an interactive Principal Component Analysis tool that aids the analyst to assess the reasoning behind the anomaly detection results, and an activity plot that visualizes user and role activity over time.

Understanding the context of network traffic alerts

  • B. CappersJ. V. Wijk
  • Computer Science
    2016 IEEE Symposium on Visualization for Cyber Security (VizSec)
  • 2016
In this paper, an alert-oriented visual analytics approach for the exploration of network traffic content in multiple contexts is proposed and CoNTA (Contextual analysis of Network Traffic Alerts), experts are supported to discover threats in large alert collections through interactive exploration using selections and attributes of interest.

A Visual Analytics Approach for User Behaviour Understanding through Action Sequence Analysis

The initial phases of a visual analytics approach that aims to enable a rich understanding of user behaviour through the analysis of user activity sequences are described, which constitutes a novel combination of ``action space'' analysis, pattern mining, and the interactive visual analysis of multiple sequences.

Bridging the Gap: A Pragmatic Approach to Generating Insider Threat Data

The use of synthetic data is outlined to enable progress in one research program, while discussing the benefits and limitations of synthetic insider threat data, the meaning of realism in this context, as well as future research directions.

WireVis: Visualization of Categorical, Time-Varying Data From Financial Transactions

This paper presents a set of coordinated visualizations based on identifying specific keywords within the wire transactions which demonstrate relationships among keywords and accounts over time and introduces a search-by-example technique which extracts accounts that show similar transaction patterns.

LifeFlow: visualizing an overview of event sequences

A novel interactive visual overview of event sequences called LifeFlow is introduced, which is scalable, can summarize all possible sequences, and represents the temporal spacing of the events within sequences.

Progressive Visual Analytics: User-Driven Visual Exploration of In-Progress Analytics

This paper presents an alternative workflow, progressive visual analytics, which enables an analyst to inspect partial results of an algorithm as they become available and interact with the algorithm to prioritize subspaces of interest.

DecisionFlow: Visual Analytics for High-Dimensional Temporal Event Sequence Data

The study results demonstrate that DecisionFlow enables the quick and accurate completion of a range of sequence analysis tasks for datasets containing thousands of event types and millions of individual events.

Interactive Machine Learning at Scale With CHISSL

We demonstrate CHISSL a scalable client-server system for real-time interactive machine learning. Our system is capable of incorporating user feedback incrementally and immediately without a

CHISSL: A Human-Machine Collaboration Space for Unsupervised Learning

CHISSL, a human-machine interface that utilizes interactive supervision to help the user group unlabeled instances by her own mental model, is developed and it is hypothesized that this mode of human and machine collaboration is more effective than Active Learning, wherein the machine decides for itself which instances should be labeled by the user.