Lessons learned while supporting Cyber Situational Awareness
Abstract
The increasing number of cyberattacks against critical infrastructures has pushed researchers to develop many Visual Analytics solutions to provide valid defensive approaches and improve the situational awareness of security operators. Applying such solutions to complex infrastructures is often challenging, and existing tools can present limitations and exhibit various issues. In this paper, supported by cybersecurity experts of a world-leading company in the military domain, we apply an existing Visual Analytics solution, MAD, to a complex network of a critical infrastructure, highlighting its limitations in this scenario and proposing further solutions to improve cyber situational awareness in both proactive and reactive risk analyses. The results of this research contribute to characterizing the activities performed by domain experts in this field and their implications for the design of Visual Analytics solutions that aim at supporting them.
BibTeX
@inproceedings {10.2312:eurova.20211093,
booktitle = {EuroVis Workshop on Visual Analytics (EuroVA)},
editor = {Vrotsou, Katerina and Bernard, Jürgen},
title = {{Lessons learned while supporting Cyber Situational Awareness}},
author = {Blasilli, Graziano and Paoli, Emiliano De and Lenti, Simone and Picca, Sergio},
year = {2021},
publisher = {The Eurographics Association},
ISBN = {978-3-03868-150-2},
DOI = {10.2312/eurova.20211093}
}