论文信息 - From A to Z: Developing a Visual Vocabulary for Information Security Threat Visualisation

From A to Z: Developing a Visual Vocabulary for Information Security Threat Visualisation

Security visualisation is a very difficult problem due to its inherent need to represent complexity and to be flexible for a wide range of applications. As a result, many current approaches are not particularly effective. This paper presents several novel approaches for visualising information security threats which aim to create a flexible and effective basis for creating semantically rich threat visualisation diagrams. By presenting generalised approaches, these ideas can be applied to a wide variety of situations, as demonstrated in two specific visualisations: one for visualising attack trees, the other for visualising attack graphs. It concludes by discussing future work and introducing a novel exploration of attack models.

Eric Li | Axel Tanner | Jeroen Barendse | Frederic Brodbeck

[1] O. Reiser,et al. Principles Of Gestalt Psychology , 1936 .

[2] Maik Moeller. Managing Information Security Risks The Octave Approach , 2016 .

[3] Robert L. Harris,et al. Information Graphics: A Comprehensive Illustrated Reference , 1996 .

[4] Martin Wattenberg,et al. Arc diagrams: visualizing structure in strings , 2002, IEEE Symposium on Information Visualization, 2002. INFOVIS 2002..

[5] K. Koffka. Perception: an introduction to the Gestalt-Theorie. , 1922 .

[6] Colin Ware,et al. Information Visualization: Perception for Design , 2000 .

[7] Raffael Marty,et al. Applied Security Visualization , 2008 .

[8] Martin J. Eppler,et al. A systematic framework for risk visualization in risk management and communication , 2009 .