OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Using 3D network visualization to enhance rapid threat recognition and response.

Abstract

No abstract prepared.

Authors:
Van Randwyk, Jamie A.; Custer, Ryan P.; Lee, Erik J.
Publication Date:
Research Org.:
Sandia National Laboratories
Sponsoring Org.:
USDOE
OSTI Identifier:
969548
Report Number(s):
SAND2005-2475C
TRN: US201001%%677
DOE Contract Number:
AC04-94AL85000
Resource Type:
Conference
Resource Relation:
Conference: Proposed for presentation at the DHS R&D Conference held April 26-28, 2005 in Boston, MA.
Country of Publication:
United States
Language:
English
Subject:
45 MILITARY TECHNOLOGY, WEAPONRY, AND NATIONAL DEFENSE; 97 MATHEMATICAL METHODS AND COMPUTING; 99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; COMPUTER GRAPHICS; THREE-DIMENSIONAL CALCULATIONS; SABOTAGE; DETECTION; RESPONSE FUNCTIONS

Citation Formats

Van Randwyk, Jamie A., Custer, Ryan P., and Lee, Erik J. Using 3D network visualization to enhance rapid threat recognition and response. United States: N. p., 2005. Web.
Van Randwyk, Jamie A., Custer, Ryan P., & Lee, Erik J. Using 3D network visualization to enhance rapid threat recognition and response. United States.
Van Randwyk, Jamie A., Custer, Ryan P., and Lee, Erik J. "Using 3D network visualization to enhance rapid threat recognition and response." United States.
@article{osti_969548,
title = {Using 3D network visualization to enhance rapid threat recognition and response.},
author = {Van Randwyk, Jamie A. and Custer, Ryan P. and Lee, Erik J.},
abstractNote = {No abstract prepared.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2005},
month = {4}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

  • Abstract not provided.
  • No abstract prepared.
  • Cyber network analysts follow complex processes in their investigations of potential threats to their network. Much research is dedicated to providing automated tool support in the effort to make their tasks more efficient, accurate, and timely. This tool support comes in a variety of implementations from machine learning algorithms that monitor streams of data to visual analytic environments for exploring rich and noisy data sets. Cyber analysts, however, often speak of a need for tools which help them merge the data they already have and help them establish appropriate baselines against which to compare potential anomalies. Furthermore, existing threat models that cyber analysts regularly use to structure their investigation are not often leveraged in support tools. We report on our work with cyber analysts to understand their analytic process and how one such model, the MITRE ATT&CK Matrix [32], is used to structure their analytic thinking. We present our efforts to map specific data needed by analysts into the threat model to inform our eventual visualization designs. We examine data mapping for gaps where the threat model is under-supported by either data or tools. We discuss these gaps as potential design spaces for future research efforts. We also discuss the design of a prototype tool that combines machine-learning and visualization components to support cyber analysts working with this threat model.
  • Geographic data sets are often very large in size. Interactive visualization of such data at all scales is not easy because of the limited resolution of the monitors and inability of visualization applications to handle the volume of data. This is especially true for large vector datasets. The end user's experience is frequently unsatisfactory when exploring such data over the web using a naive application. Network bandwidth is another contributing factor to the low performance. In this paper, a Quadtree-based technique to visualize extremely large spatial network datasets over the web is described. It involves using custom-developed algorithms leveraging a PostGIS database as the data source and Google Earth as the visualization client. This methodology supports both point and range queries along with non-spatial queries. This methodology is demonstrated using a network dataset consisting of several million links. The methodology is based on using some of the powerful features of KML (Keyhole Markup Language). Keyhole Markup Language (KML) is an Open Geospatial Consortium (OGC) standard for displaying geospatial data on Earth browsers. One of the features of KML is the notion of Network Links. Using network links, a wide range of geospatial data sources such as geodatabases, static files and geospatial data services can be simultaneously accessed and visualized seamlessly. Using the network links combined with the Level of Detail principle, view-based rendering and intelligent server and client-side caching, scalability in visualizing extremely large spatial datasets can be achieved.