Supporting the Cyber Analytic Process using Visual History on Large Displays

ABSTRACT:

Cyber analytics focuses on increasing the safety and soundness of our digital infrastructure. The volume, size and velocity of these datasets make the analysis challenging on current work environments and tools. A cyber analytics work environment should enable multiple, simultaneous investigations and information foraging, as well as provide a solution space for organizing data. As such, various workflow visualization tools are used to help users track their analysis, reuse effective workflows, and test hypotheses. Also, the use of large display workspaces can provide new opportunities for improving visual analytics in cyber security. In this work, we present a prototype workspace for analysts where the analytic process is maintained in the workspace. Thus, we are able to present analysts with visual states of their data throughout the investigation, in which real-time changes can be made to any previous state, and analysts can backtrack through their investigation.