Visualization Techniques for Cybersecurity

Security analysts today have to analyze vast amounts of data about cyber-attacks, and react quickly to discovered threats. Recent reports suggest that existing security mechanisms, such as firewalls, password-protection systems, two-factor authentication, separation of privilege and even physical isolation, have been overcome by skilled and persistent hackers. Follow-up analyses of successful targeted attacks suggest that well-trained human analysts would have been able to detect these threats if they had been presented with the appropriate data. The Augmentarium will allow us to experiment with various visualization techniques for empowering security analysts who handle large data sets, and we will build on this expertise to create novel techniques for identifying such rare events in high-volume streams of security telemetry.