U.S. Department of Energy

Pacific Northwest National Laboratory

Exploring the Design Space for Cyber Alerts in Context

Publish Date: 
Wednesday, October 4, 2017
During knowledge elicitations with cyber analysts, we uncovered a need for tools that helps analysts understand threat alerts in a context of baseline ``normal'' behaviors. We used an iterative design process to create a prototype alert management system with which we can explore the critical design space for effective baseline visualizations. We report herein on the design elements of this user interface, and present associated expert feedback from a design evaluation in the associated poster. We summarize our initial insights into the design of effective baseline visualizations that could be integrated into a larger visualization-support cyber alert management workflow desired by cyber analysts.
Dowling M., L. Franklin, M. Feng, M.A. Pirrung, R.J. Jasper, J.A. Cottam, and L.M. Blaha. 2017. "Exploring the Design Space for Cyber Alerts in Context." In 14th IEEE Symposium on Visualization for Cyber Security (VizSec). PNNL-SA-128915.
| Pacific Northwest National Laboratory