Skip to main content

Mental Model Mapping Method for Cybersecurity

  • Conference paper
  • First Online:
HCI for Cybersecurity, Privacy and Trust (HCII 2020)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12210))

Included in the following conference series:

Abstract

Visualizations can enhance the efficiency of Cyber Defense Analysts, Cyber Defense Incident Responders and Network Operations Specialists (Subject Matter Experts, SME) by providing contextual information for various cybersecurity-related datasets and data sources. We propose that customized, stereoscopic 3D visualizations, aligned with SMEs internalized representations of their data, may enhance their capability to understand the state of their systems in ways that flat displays with either text, 2D or 3D visualizations cannot afford. For these visualizations to be useful and efficient, we need to align these to SMEs internalized understanding of their data. In this paper we propose a method for interviewing SMEs to extract their implicit and explicit understanding of the data that they work with, to create useful, interactive, stereoscopically perceivable visualizations that would assist them with their tasks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    As designated PR-CDA-001 and bearing responsibilities for tasks identified in [18].

  2. 2.

    As designated PR-CIR-001 and bearing responsibilities for tasks identified in [18].

  3. 3.

    As designated OM-NET-001 and bearing responsibilities for tasks identified in [18].

  4. 4.

    In the context of this paper, “dataset” refers to the collection of individual data sources, e.g., network flow data, log files, PCAP, databases and other stores (Elasticsearch, Mongo, RDB-s) used by an SME at a particular organization.

  5. 5.

    “Entity” refers to any atomic unit that the user could encounter in the data that’s being investigated. In the context of this paper for example: a networked computer, IoT device, server, switch, but also a human actor (known user, malicious actor, administrator).

References

  1. NIST: National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NIST Special Publication 800-181). NIST, Gaithersburg (2017)

    Google Scholar 

  2. Sethi, A., Wills, G.: Expert-interviews led analysis of EEVi — a model for effective visualization in cyber-security. In: IEEE Symposium on Visualization for Cyber Security, Phoenix, AZ, USA (2017)

    Google Scholar 

  3. Marty, R.: Applied security visualization (2008)

    Google Scholar 

  4. Kullman, K., Asher, N.B., Sample, C.: Operator impressions of 3D visualizations for cybersecurity analysts. In: ECCWS 2019 18th European Conference on Cyber Warfare and Security, Coimbra (2019)

    Google Scholar 

  5. Kullman, K., Ryan, M., Trossbach, L.: VR/MR supporting the future of defensive cyber operations. In: The 14th IFAC/IFIP/IFORS/IEA Symposium on Analysis, Design, and Evaluation of Human-Machine Systems, Tallinn (2019)

    Google Scholar 

  6. Shearer, G., Edwards, J.: Vids Cyber Defense Visualization Project. US Army Research Laboratory, Adelphi (2020)

    Google Scholar 

  7. Munzner, T.: Visualization Analysis & Design, p. 428. A K Peters/CRC Press, Boca Raton (2014)

    Google Scholar 

  8. Ward, M.O., Grinstein, G., Keim, D.: Interaction techniques. In: Interactive Data Visualization: Foundations, Techniques, and Applications, 2nd edn., pp. 387–406. A K Peters/CRC Press (2015)

    Google Scholar 

  9. Wu, Y., Xu, L., Chang, R., Hellerstein, J.M., Wu, E.: Making sense of asynchrony in interactive data. J. Latex Cl. Files 14(8), 11 (2018)

    Google Scholar 

  10. Mckenna, S., Staheli, D., Meyer, M.: Unlocking user-centered design methods for building cyber security visualizations. In: 2015 IEEE Symposium on Visualization for Cyber Security (VizSec), Chicago, IL (2015)

    Google Scholar 

  11. Buchanan, L., D’Amico, A., Kirkpatrick, D.: Mixed method approach to identify analytic questions to be visualized for military cyber incident handlers. In: IEEE Symposium on Visualization for Cyber Security (VizSec), Baltimore, MD (2016)

    Google Scholar 

  12. Simonsen, J., Robertson, T.: Routledge International Handbook of Participatory Design. Routledge, Abingdon (2012)

    Book  Google Scholar 

  13. Marriott, K., et al.: Just 5 questions: toward a design framework for immersive analytics. In: Marriott, K., et al. (eds.) Immersive Analytics. LNCS, vol. 11190, pp. 259–288. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01388-2_9

    Chapter  Google Scholar 

  14. Marriott, K., et al.: Immersive analytics: time to reconsider the value of 3D for information visualisation. In: Marriott, K., et al. (eds.) Immersive Analytics. LNCS, vol. 11190, pp. 25–55. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01388-2_2

    Chapter  Google Scholar 

  15. Kullman, K., Cowley, J., Ben-Asher, N.: Enhancing cyber defense situational awareness using 3D visualizations. In: 13th International Conference on Cyber Warfare and Security, Washington, DC (2018)

    Google Scholar 

  16. Stuerzlinger, W., Dwyer, T., Drucker, S., Görg, C., North, C., Scheuermann, G.: Immersive human-centered computational analytics. In: Marriott, K., et al. (eds.) Immersive Analytics. LNCS, vol. 11190, pp. 139–163. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01388-2_5

    Chapter  Google Scholar 

  17. Klein, G., MacGregor, D.G.: Knowledge Elicitation of Recognition-Primed Decision Making. US Army Systems Research Laboratory, Alexandria, Virginia (1988)

    Google Scholar 

  18. NIST: Applied Cybersecurity Division, National Initiative for Cybersecurity Education (NICE). Reference Spreadsheet for the NICE Framework, NIST SP 800-181, 18 January 2018. https://www.nist.gov/itl/applied-cybersecurity/nice/nice-cybersecurity-workforce-framework-resource-center/current. Accessed January 2020

  19. Jordan, P.W., Thomas, B., McClelland, I.L., Weerdmeester, B.: Modified Cooper-Harper (MCH) Scale. In: Usability Evaluation In Industry, pp. 189–194. CRC Press (1996)

    Google Scholar 

  20. Donmez, B., Brzezinski, A.S., Graham, H., Cummings, M.L.: Modified cooper harper scales for assessing unmanned vehicle displays. Massachusetts Institute of Technology (2008)

    Google Scholar 

Download references

Acknowledgements

For all the hints, ideas and mentoring, authors thank Jennifer A. Cowley, Alexander Kott, Lee C. Trossbach, Jaan Priisalu, Olaf Manuel Maennel. This research was partly supported by the Army Research Laboratory under Cooperative Agreement Number W911NF-17-2-0083 and in conjunction with the CCDC Command, Control, Computers, Communications, Cyber, Intelligence, Surveillance, and Reconnaissance (C5ISR) Center. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation herein.

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Kaur Kullman , Laurin Buchanan , Anita Komlodi or Don Engel .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kullman, K., Buchanan, L., Komlodi, A., Engel, D. (2020). Mental Model Mapping Method for Cybersecurity. In: Moallem, A. (eds) HCI for Cybersecurity, Privacy and Trust. HCII 2020. Lecture Notes in Computer Science(), vol 12210. Springer, Cham. https://doi.org/10.1007/978-3-030-50309-3_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-50309-3_30

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-50308-6

  • Online ISBN: 978-3-030-50309-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics