07-20-11
VizSec 2011: Cyber-security analytics
Ankit Singh, Alex Endert, Lauren Bradel, Christopher Andrews, Chris North and Robert Kincaid, “Using Large Displays for Live Visual History of Cyber-security Analytic Process”
Authors worked with eight professional cyber analysts a couple times a week for about three months. Also observed the analysists analyzing a known data set.
Watched analysts use:
- Multiple data sources
- Multiple tools/windows
- Extensive Excel usage
Noticed heavy use of versioning in the analysis. The analysts had difficulty re-creating their steps based on all the versions of documents they were creating.
Authors considered four improvements based on their observations.
- Make use of the resolution and size of the monitors – Give the users more resolution
- De-aggregation of data
- Case Management – They did lots of task switching which cost time and memory load.
- Process History – the ability to visualize and go back to prior states.
Created an add-on to Excel. The add-on provides a “Fork” option where the user can split off a new version associated with a new subtask. They can also make comments.
Propagating vs. Forking
If a user makes a change to a historical version should that change propagate to latter versions or should it branch? If propagation is used how do we indicate to users what will change?
PHOTOGRAPHY
RECENT
- Two new CUPS studies on online behavioral advertising
- Why Johnny Can’t Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising
- I Know Where You Live: Analyzing Privacy Protection in Public Databases
- Indirect Content Privacy Surveys: Measuring Privacy Without Asking About It (paper 15)
- Home is safer than the cloud! Privacy concerns for consumer cloud storage (Paper 13)
- Privacy: Is There An App For That? (Paper 12)
- ROAuth: Recommendation Based Open Authorization (Paper 11)