Abstract
This paper focuses on cyber situational awareness and describes a visual analytics solution for monitoring network-level data and relating it closely to the organization's business. The goal of the proposed solution is to make different security profiles (network security officer, network security manager, and financial security manager) aware of the actual network state (e.g., risk and attack progress) and of the impact it actually has on business tasks, making clear the relationships that exist between the network level and the business level. The proposed solution is instantiated on the infrastructure of ACEA, the Italian company that provides power and water purification services to cities in central Italy (millions of end users).
Acknowledgments
This work was supported by the PANOPTESEC European Project (FP7-ICT-2013-10 Objective ICT-2013.1.5 Trustworthy ICT item).
Cite this article
Angelini, M., Santucci, G. Cyber situational awareness: from geographical alerts to high-level management. J Vis 20, 453–459 (2017). https://doi.org/10.1007/s12650-016-0377-3
DOI: https://doi.org/10.1007/s12650-016-0377-3