Visible to the public Developing Visualisations to Enhance an Insider Threat Product: A Case Study

TitleDeveloping Visualisations to Enhance an Insider Threat Product: A Case Study
Publication TypeConference Paper
Year of Publication2021
AuthorsGraham, Martin, Kukla, Robert, Mandrychenko, Oleksii, Hart, Darren, Kennedy, Jessie
Conference Name2021 IEEE Symposium on Visualization for Cyber Security (VizSec)
Date Publishedoct
Keywordscomposability, Data visualization, Human and Societal Aspects of Security and Privacy, Human Behavior, human-centered computing, insider threat, interactive systems, Metrics, policy-based governance, privacy, Prototypes, pubcrawl, Refining, Security and Privacy, Software, Usability in security and privacy, visual analytics, visualization, Visualization application domains
AbstractThis paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily spot the patterns and outliers that visualisation naturally reveals. We describe the design and development process, proceeding from initial tasks/requirements gathering, understanding the platform's data formats, the rationale behind the visualisations' design, and then refining the prototype through gathering feedback from representative domain experts who are also current users of the software. Through a number of example scenarios, we show that the visualisation can support the identified tasks and aid analysts in discovering and understanding potentially risky insider activity within a large user base.
DOI10.1109/VizSec53666.2021.00011
Citation Keygraham_developing_2021