SlideShare a Scribd company logo

Visual Analytics for User Behaviour Analysis in Cyber Systems

Cagatay Turkay
Cagatay Turkay

Slides for my short talk at the Alan Turing Institute at the "Visualisation for Data Science and AI" workshop (https://www.turing.ac.uk/events/visualization-data-science-and-ai). The talk discusses a role for visualization to support decision making with algorithms and walks through an example of our EC H2020 funded DiSIEM research project.

Data & Analytics
1 of 22
Download to read offline
Visual Analytics for User Behaviour Analysis in Cyber Systems Cagatay Turkay Senior Lecturer in Applied Data Science, giCentre, City, University of London (Assoc. Prof. @ CIM, University of Warwick) #VizTIG Seminar, Alan Turing Institute, 13 September 2019
VIS for communication VIS for analysis Sources: [*] http://www.theguardian.com/politics/ng-interactive/2015/apr/20/election-2015-constituency-map [**] http://www.nytimes.com/interactive/2012/05/17/business/dealbook/how-the-facebook-offering-compares.html [Elzen & Wijk, 2010] http://playground.tensorflow.org [*] [**] VIS for decision-making with algorithms
Visual Analytics? Combining visual and computational analysis: human strengths & computing [SACHA et al., 2014]
... provide several perspectives concurrently (e.g., multiple datasets, scales, parameters, algorithms, representations ...) ... support the interactive comparison & evaluation of (several) algorithmic results by putting the results in context VA can …
CASE STUDY – Interactive User Behaviour Analytics in Cyber Systems VASABI: Hierarchical User Profiles for Interactive Visual User Behaviour Analytics Nguyen PH, Henkin R, Chen S, Andrienko N, Andrienko G, Thonnard O, Turkay C. IEEE TVCG, 2019 Understanding User Behaviour through Action Sequences: from the Usual to the Unusual Nguyen, P.H., Turkay, C., Andrienko, G., Andrienko, N., Thonnard, O. and Zouaoui, J. , IEEE TVCG, 2018
https://www.networkworld.com/article/2904356/detecting-advanced-threats-with-user-behavior-analytics.html https://www.csoonline.com/article/2998174/user-entity-behavior-analytics-next-step-in-security-visibilty.html https://www.csoonline.com/article/3026175/time-to-consider-user-behavior-analytics-uba.html https://searchsecurity.techtarget.com/feature/User-behavioral-analytics-tools-can-thwart-security-attacks
Design Process ~ 2 years of close collaboration with cyber security experts interviews to understand workflow and status quo iterative workshops rapid prototypes
… …. session 3 score = 0.7 session 2 score = 0.8 user actions user digital application 08:40:05 Search Account 08:40:45 Unlock Account 08:41:03 Search Account 08:41:15 Search Account 08:42:01 Display Account ……… session 1 score = 0.2 user behaviour usual? unusual? why? In this study: 31 days 15,000 sessions 1,400 users 300 action types
score color hue → type position → time Search Account Display Account Unlock Account semantic distance based action clustering 08:30 09:00 11:30 12:30 13:0012:0011:0010:00 10:3009:30 action Preserving the sequence (but dropping actual time):
How expected is … given that the user has done all of … … before? Most important decision to make is:
0.7(not 42) the algorithm says …
A comprehensive & multi-faceted understanding of user behaviour is needed to put the the result in context for making a decision… this is where VA comes in …
Summarising User Behaviour Extracting Common Tasks using Topic Modelling Chen, S., Andrienko, N., Andrienko, G., Adilova, L., Barlet, J., Kindermann, J., Nguyen, P.H., Thonnard, O. and Turkay, C., 2019. LDA Ensembles for Interactive Exploration and Categorization of Behaviors. IEEE transactions on visualization and computer graphics.
Summarising User Behaviour Extracting Common Tasks using Topic Modelling Each “topic” becomes a “task” <search, unlock> ~ Help-desking <CreateUser, AssignRole1, AssingRole2> ~ User Management
Summarising User Behaviour Visual task distribution summaries timelines of sessions A user with repetitive behaviour A user with diverse behaviour <search, unlock> Help-desk person?
Putting sessions in context Visual user profiles Historic data context Sessions of interest
Extracting User Roles Task-based user clusters Task distributions for groups e.g., a group managing user accounts Most representative users
An unusually long session but a common task, i.e., office management Lots of user accounts locked ..
... provide several perspectives concurrently (e.g., multiple datasets, scales, parameters, algorithms, representations ...) ... support the interactive comparison & evaluation of (several) algorithmic results by putting the results in context VA can …
Effective data-intensive decision making requires approaches designed with human-centred thinking to empower people at all stages of the data science process … and visualisation research offers theories, methodologies, techniques and know-how
Visual Analytics for User Behaviour Analysis in Cyber Systems #VizTIG Seminar, Alan Turing Institute, 13 September 2019 giCentre: https://www.gicentre.net/ CIM: https://warwick.ac.uk/fac/cross_fac/cim/ Personal Web: http://www.staff.city.ac.uk/cagatay.turkay.1/ Twitter: @cagatay_turkay Slides: https://www.slideshare.net/cagatayturkay Cagatay Turkay Senior Lecturer in Applied Data Science, giCentre, City, University of London (Assoc. Prof. @ CIM, University of Warwick) Thanks to:

Recommended

On Collective Reinforcement Learning
On Collective Reinforcement LearningOn Collective Reinforcement Learning
On Collective Reinforcement Learning
Gianluca Aguzzi
 
Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...
Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...
Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...
Gianluca Aguzzi
 
MTECH_VISHAVVIKASH
MTECH_VISHAVVIKASHMTECH_VISHAVVIKASH
MTECH_VISHAVVIKASH
Vishav Vikash
 
An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage...
An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage... An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage...
An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage...
Toshihiko Yamakami
 
HI5030 Business Systems Analysis And Design.docx
HI5030 Business Systems Analysis And Design.docxHI5030 Business Systems Analysis And Design.docx
HI5030 Business Systems Analysis And Design.docx
write4
 
物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design
物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design
物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design
Ting-Han Chen
 
Stary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdf
Stary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdfStary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdf
Stary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdf
Hải Quân
 
Information Technology in Industry(ITII) - November Issue 2018
Information Technology in Industry(ITII) - November Issue 2018Information Technology in Industry(ITII) - November Issue 2018
Information Technology in Industry(ITII) - November Issue 2018
ITIIIndustries
 

Recommended

On Collective Reinforcement Learning
On Collective Reinforcement LearningOn Collective Reinforcement Learning
On Collective Reinforcement Learning
Gianluca Aguzzi
 
Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...
Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...
Doctoral Symposium ACSOS 2021: Research directions for Aggregate Computing wi...
Gianluca Aguzzi
 
MTECH_VISHAVVIKASH
MTECH_VISHAVVIKASHMTECH_VISHAVVIKASH
MTECH_VISHAVVIKASH
Vishav Vikash
 
An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage...
An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage... An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage...
An Evolution-by-design Approach: Toward Multi-disciplinary Life-cycle Manage...
Toshihiko Yamakami
 
HI5030 Business Systems Analysis And Design.docx
HI5030 Business Systems Analysis And Design.docxHI5030 Business Systems Analysis And Design.docx
HI5030 Business Systems Analysis And Design.docx
write4
 
物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design
物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design
物聯網產品體驗設計架構 | A Conceptual Framework for IoT Product Experience Design
Ting-Han Chen
 
Stary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdf
Stary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdfStary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdf
Stary2020_Chapter_TheInternet-of-BehaviorAsOrganRG.pdf
Hải Quân
 
Information Technology in Industry(ITII) - November Issue 2018
Information Technology in Industry(ITII) - November Issue 2018Information Technology in Industry(ITII) - November Issue 2018
Information Technology in Industry(ITII) - November Issue 2018
ITIIIndustries
 
Summ11 useinterx
Summ11 useinterxSumm11 useinterx
Summ11 useinterx
Anne-Marie Armstrong
 
2015-11-11 research seminar
2015-11-11 research seminar2015-11-11 research seminar
2015-11-11 research seminar
ifi8106tlu
 
Musstanser Avanzament 4 (Final No Animation)
Musstanser Avanzament 4 (Final No Animation)Musstanser Avanzament 4 (Final No Animation)
Musstanser Avanzament 4 (Final No Animation)
Musstanser Tinauli
 
2009-Social computing-First steps to netviz nirvana
2009-Social computing-First steps to netviz nirvana2009-Social computing-First steps to netviz nirvana
2009-Social computing-First steps to netviz nirvana
Marc Smith
 
OpenVis Conference Report Part 1 (and Introduction to D3.js)
OpenVis Conference Report Part 1 (and Introduction to D3.js)OpenVis Conference Report Part 1 (and Introduction to D3.js)
OpenVis Conference Report Part 1 (and Introduction to D3.js)
Keiichiro Ono
 
Visualization for Software Analytics
Visualization for Software AnalyticsVisualization for Software Analytics
Visualization for Software Analytics
Margaret-Anne Storey
 
2021 design coop_ml
2021 design coop_ml2021 design coop_ml
2021 design coop_ml
Meng Li (李萌) PhD on XR facilitated Human Centred Design
 
Lq3620002008
Lq3620002008Lq3620002008
Lq3620002008
IJERA Editor
 
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
Pedro Luis Mateo Navarro
 
UGA_Thinking_Interactively_with_Visualizations.ppt
UGA_Thinking_Interactively_with_Visualizations.pptUGA_Thinking_Interactively_with_Visualizations.ppt
UGA_Thinking_Interactively_with_Visualizations.ppt
AnasShoaib7
 
Quality Factor between Visual Studio and Android Studio for Developing Video ...
Quality Factor between Visual Studio and Android Studio for Developing Video ...Quality Factor between Visual Studio and Android Studio for Developing Video ...
Quality Factor between Visual Studio and Android Studio for Developing Video ...
ijtsrd
 
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
Adrien Joly
 
SCCAI- A Student Career Counselling Artificial Intelligence
SCCAI- A Student Career Counselling Artificial IntelligenceSCCAI- A Student Career Counselling Artificial Intelligence
SCCAI- A Student Career Counselling Artificial Intelligence
vivatechijri
 
CVLinkedIn
CVLinkedInCVLinkedIn
CVLinkedIn
Jun Ma
 
Hardware Design Practices For Modern Hardware
Hardware Design Practices For Modern HardwareHardware Design Practices For Modern Hardware
Hardware Design Practices For Modern Hardware
Winstina Kennedy
 
City i-Tick: The android based mobile application for students’ attendance at...
City i-Tick: The android based mobile application for students’ attendance at...City i-Tick: The android based mobile application for students’ attendance at...
City i-Tick: The android based mobile application for students’ attendance at...
journalBEEI
 
Technical Appraisal Tool, MICE - Acting on Change 2016
Technical Appraisal Tool, MICE - Acting on Change 2016Technical Appraisal Tool, MICE - Acting on Change 2016
Technical Appraisal Tool, MICE - Acting on Change 2016
PERICLES_FP7
 
IATMSI 2022 Presentation Format.pptx
IATMSI 2022 Presentation Format.pptxIATMSI 2022 Presentation Format.pptx
IATMSI 2022 Presentation Format.pptx
MayankLovanshi4
 
Vol 17 No 1 - January June 2017
Vol 17 No 1 - January June 2017Vol 17 No 1 - January June 2017
Vol 17 No 1 - January June 2017
ijcsbi
 
Interaction Design (IxD) in the context of User Experience (UX)
Interaction Design (IxD) in the context of User Experience (UX)Interaction Design (IxD) in the context of User Experience (UX)
Interaction Design (IxD) in the context of User Experience (UX)
Dave Malouf
 
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
Cagatay Turkay
 
Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Visualisation for Data Science: Advances and Opportunities in Visualisation R...Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Cagatay Turkay
 

More Related Content

Similar to Visual Analytics for User Behaviour Analysis in Cyber Systems

Summ11 useinterx
Summ11 useinterxSumm11 useinterx
Summ11 useinterx
Anne-Marie Armstrong
 
2015-11-11 research seminar
2015-11-11 research seminar2015-11-11 research seminar
2015-11-11 research seminar
ifi8106tlu
 
Musstanser Avanzament 4 (Final No Animation)
Musstanser Avanzament 4 (Final No Animation)Musstanser Avanzament 4 (Final No Animation)
Musstanser Avanzament 4 (Final No Animation)
Musstanser Tinauli
 
2009-Social computing-First steps to netviz nirvana
2009-Social computing-First steps to netviz nirvana2009-Social computing-First steps to netviz nirvana
2009-Social computing-First steps to netviz nirvana
Marc Smith
 
OpenVis Conference Report Part 1 (and Introduction to D3.js)
OpenVis Conference Report Part 1 (and Introduction to D3.js)OpenVis Conference Report Part 1 (and Introduction to D3.js)
OpenVis Conference Report Part 1 (and Introduction to D3.js)
Keiichiro Ono
 
Visualization for Software Analytics
Visualization for Software AnalyticsVisualization for Software Analytics
Visualization for Software Analytics
Margaret-Anne Storey
 
2021 design coop_ml
2021 design coop_ml2021 design coop_ml
2021 design coop_ml
Meng Li (李萌) PhD on XR facilitated Human Centred Design
 
Lq3620002008
Lq3620002008Lq3620002008
Lq3620002008
IJERA Editor
 
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
Pedro Luis Mateo Navarro
 
UGA_Thinking_Interactively_with_Visualizations.ppt
UGA_Thinking_Interactively_with_Visualizations.pptUGA_Thinking_Interactively_with_Visualizations.ppt
UGA_Thinking_Interactively_with_Visualizations.ppt
AnasShoaib7
 
Quality Factor between Visual Studio and Android Studio for Developing Video ...
Quality Factor between Visual Studio and Android Studio for Developing Video ...Quality Factor between Visual Studio and Android Studio for Developing Video ...
Quality Factor between Visual Studio and Android Studio for Developing Video ...
ijtsrd
 
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
Adrien Joly
 
SCCAI- A Student Career Counselling Artificial Intelligence
SCCAI- A Student Career Counselling Artificial IntelligenceSCCAI- A Student Career Counselling Artificial Intelligence
SCCAI- A Student Career Counselling Artificial Intelligence
vivatechijri
 
CVLinkedIn
CVLinkedInCVLinkedIn
CVLinkedIn
Jun Ma
 
Hardware Design Practices For Modern Hardware
Hardware Design Practices For Modern HardwareHardware Design Practices For Modern Hardware
Hardware Design Practices For Modern Hardware
Winstina Kennedy
 
City i-Tick: The android based mobile application for students’ attendance at...
City i-Tick: The android based mobile application for students’ attendance at...City i-Tick: The android based mobile application for students’ attendance at...
City i-Tick: The android based mobile application for students’ attendance at...
journalBEEI
 
Technical Appraisal Tool, MICE - Acting on Change 2016
Technical Appraisal Tool, MICE - Acting on Change 2016Technical Appraisal Tool, MICE - Acting on Change 2016
Technical Appraisal Tool, MICE - Acting on Change 2016
PERICLES_FP7
 
IATMSI 2022 Presentation Format.pptx
IATMSI 2022 Presentation Format.pptxIATMSI 2022 Presentation Format.pptx
IATMSI 2022 Presentation Format.pptx
MayankLovanshi4
 
Vol 17 No 1 - January June 2017
Vol 17 No 1 - January June 2017Vol 17 No 1 - January June 2017
Vol 17 No 1 - January June 2017
ijcsbi
 
Interaction Design (IxD) in the context of User Experience (UX)
Interaction Design (IxD) in the context of User Experience (UX)Interaction Design (IxD) in the context of User Experience (UX)
Interaction Design (IxD) in the context of User Experience (UX)
Dave Malouf
 

Similar to Visual Analytics for User Behaviour Analysis in Cyber Systems (20)

Summ11 useinterx
Summ11 useinterxSumm11 useinterx
Summ11 useinterx
 
2015-11-11 research seminar
2015-11-11 research seminar2015-11-11 research seminar
2015-11-11 research seminar
 
Musstanser Avanzament 4 (Final No Animation)
Musstanser Avanzament 4 (Final No Animation)Musstanser Avanzament 4 (Final No Animation)
Musstanser Avanzament 4 (Final No Animation)
 
2009-Social computing-First steps to netviz nirvana
2009-Social computing-First steps to netviz nirvana2009-Social computing-First steps to netviz nirvana
2009-Social computing-First steps to netviz nirvana
 
OpenVis Conference Report Part 1 (and Introduction to D3.js)
OpenVis Conference Report Part 1 (and Introduction to D3.js)OpenVis Conference Report Part 1 (and Introduction to D3.js)
OpenVis Conference Report Part 1 (and Introduction to D3.js)
 
Visualization for Software Analytics
Visualization for Software AnalyticsVisualization for Software Analytics
Visualization for Software Analytics
 
2021 design coop_ml
2021 design coop_ml2021 design coop_ml
2021 design coop_ml
 
Lq3620002008
Lq3620002008Lq3620002008
Lq3620002008
 
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
A Context-aware Model for the Analysis of User Interaction and QoE in Mobile ...
 
UGA_Thinking_Interactively_with_Visualizations.ppt
UGA_Thinking_Interactively_with_Visualizations.pptUGA_Thinking_Interactively_with_Visualizations.ppt
UGA_Thinking_Interactively_with_Visualizations.ppt
 
Quality Factor between Visual Studio and Android Studio for Developing Video ...
Quality Factor between Visual Studio and Android Studio for Developing Video ...Quality Factor between Visual Studio and Android Studio for Developing Video ...
Quality Factor between Visual Studio and Android Studio for Developing Video ...
 
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
PhD Defense - A Context Management Framework based on Wisdom of Crowds for So...
 
SCCAI- A Student Career Counselling Artificial Intelligence
SCCAI- A Student Career Counselling Artificial IntelligenceSCCAI- A Student Career Counselling Artificial Intelligence
SCCAI- A Student Career Counselling Artificial Intelligence
 
CVLinkedIn
CVLinkedInCVLinkedIn
CVLinkedIn
 
Hardware Design Practices For Modern Hardware
Hardware Design Practices For Modern HardwareHardware Design Practices For Modern Hardware
Hardware Design Practices For Modern Hardware
 
City i-Tick: The android based mobile application for students’ attendance at...
City i-Tick: The android based mobile application for students’ attendance at...City i-Tick: The android based mobile application for students’ attendance at...
City i-Tick: The android based mobile application for students’ attendance at...
 
Technical Appraisal Tool, MICE - Acting on Change 2016
Technical Appraisal Tool, MICE - Acting on Change 2016Technical Appraisal Tool, MICE - Acting on Change 2016
Technical Appraisal Tool, MICE - Acting on Change 2016
 
IATMSI 2022 Presentation Format.pptx
IATMSI 2022 Presentation Format.pptxIATMSI 2022 Presentation Format.pptx
IATMSI 2022 Presentation Format.pptx
 
Vol 17 No 1 - January June 2017
Vol 17 No 1 - January June 2017Vol 17 No 1 - January June 2017
Vol 17 No 1 - January June 2017
 
Interaction Design (IxD) in the context of User Experience (UX)
Interaction Design (IxD) in the context of User Experience (UX)Interaction Design (IxD) in the context of User Experience (UX)
Interaction Design (IxD) in the context of User Experience (UX)
 

More from Cagatay Turkay

The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
Cagatay Turkay
 
Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Visualisation for Data Science: Advances and Opportunities in Visualisation R...Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Cagatay Turkay
 
The state of the art in integrating machine learning into visual analytics
The state of the art in integrating machine learning into visual analyticsThe state of the art in integrating machine learning into visual analytics
The state of the art in integrating machine learning into visual analytics
Cagatay Turkay
 
Designing Progressive and Interactive Analytics Processes for High-Dimensiona...
Designing Progressive and Interactive Analytics Processes for High-Dimensiona...Designing Progressive and Interactive Analytics Processes for High-Dimensiona...
Designing Progressive and Interactive Analytics Processes for High-Dimensiona...
Cagatay Turkay
 
Enhancing a Social Science Model-building Workflow with Interactive Visualisa...
Enhancing a Social Science Model-building Workflow with Interactive Visualisa...Enhancing a Social Science Model-building Workflow with Interactive Visualisa...
Enhancing a Social Science Model-building Workflow with Interactive Visualisa...
Cagatay Turkay
 
Visualization, A Primer - Basics, Techniques and Guidelines
Visualization, A Primer - Basics, Techniques and GuidelinesVisualization, A Primer - Basics, Techniques and Guidelines
Visualization, A Primer - Basics, Techniques and Guidelines
Cagatay Turkay
 
Data Science: Origins, Methods, Challenges and the future?
Data Science: Origins, Methods, Challenges and the future?Data Science: Origins, Methods, Challenges and the future?
Data Science: Origins, Methods, Challenges and the future?
Cagatay Turkay
 
Designing Interactive Visualisations to Solve Analytical Problems in Biology
Designing Interactive Visualisations to Solve Analytical Problems in BiologyDesigning Interactive Visualisations to Solve Analytical Problems in Biology
Designing Interactive Visualisations to Solve Analytical Problems in Biology
Cagatay Turkay
 

More from Cagatay Turkay (8)

The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
The Inquisitive Data Scientist: Facilitating Well-Informed Data Science throu...
 
Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Visualisation for Data Science: Advances and Opportunities in Visualisation R...Visualisation for Data Science: Advances and Opportunities in Visualisation R...
Visualisation for Data Science: Advances and Opportunities in Visualisation R...
 
The state of the art in integrating machine learning into visual analytics
The state of the art in integrating machine learning into visual analyticsThe state of the art in integrating machine learning into visual analytics
The state of the art in integrating machine learning into visual analytics
 
Designing Progressive and Interactive Analytics Processes for High-Dimensiona...
Designing Progressive and Interactive Analytics Processes for High-Dimensiona...Designing Progressive and Interactive Analytics Processes for High-Dimensiona...
Designing Progressive and Interactive Analytics Processes for High-Dimensiona...
 
Enhancing a Social Science Model-building Workflow with Interactive Visualisa...
Enhancing a Social Science Model-building Workflow with Interactive Visualisa...Enhancing a Social Science Model-building Workflow with Interactive Visualisa...
Enhancing a Social Science Model-building Workflow with Interactive Visualisa...
 
Visualization, A Primer - Basics, Techniques and Guidelines
Visualization, A Primer - Basics, Techniques and GuidelinesVisualization, A Primer - Basics, Techniques and Guidelines
Visualization, A Primer - Basics, Techniques and Guidelines
 
Data Science: Origins, Methods, Challenges and the future?
Data Science: Origins, Methods, Challenges and the future?Data Science: Origins, Methods, Challenges and the future?
Data Science: Origins, Methods, Challenges and the future?
 
Designing Interactive Visualisations to Solve Analytical Problems in Biology
Designing Interactive Visualisations to Solve Analytical Problems in BiologyDesigning Interactive Visualisations to Solve Analytical Problems in Biology
Designing Interactive Visualisations to Solve Analytical Problems in Biology
 

Recently uploaded

一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
74nqk8xf
 
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
g4dpvqap0
 
Challenges of Nation Building-1.pptx with more important
Challenges of Nation Building-1.pptx with more importantChallenges of Nation Building-1.pptx with more important
Challenges of Nation Building-1.pptx with more important
Sm321
 
A presentation that explain the Power BI Licensing
A presentation that explain the Power BI LicensingA presentation that explain the Power BI Licensing
A presentation that explain the Power BI Licensing
AlessioFois2
 
University of New South Wales degree offer diploma Transcript
University of New South Wales degree offer diploma TranscriptUniversity of New South Wales degree offer diploma Transcript
University of New South Wales degree offer diploma Transcript
soxrziqu
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
Timothy Spann
 
State of Artificial intelligence Report 2023
State of Artificial intelligence Report 2023State of Artificial intelligence Report 2023
State of Artificial intelligence Report 2023
kuntobimo2016
 
Everything you wanted to know about LIHTC
Everything you wanted to know about LIHTCEverything you wanted to know about LIHTC
Everything you wanted to know about LIHTC
Roger Valdez
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
Timothy Spann
 
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
sameer shah
 
一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理
一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理
一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理
nuttdpt
 
一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理
一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理
一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理
nuttdpt
 
Udemy_2024_Global_Learning_Skills_Trends_Report (1).pdf
Udemy_2024_Global_Learning_Skills_Trends_Report (1).pdfUdemy_2024_Global_Learning_Skills_Trends_Report (1).pdf
Udemy_2024_Global_Learning_Skills_Trends_Report (1).pdf
Fernanda Palhano
 
DSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelinesDSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelines
Timothy Spann
 
06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM
06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM
06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM
Timothy Spann
 
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data Lake
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data LakeViewShift: Hassle-free Dynamic Policy Enforcement for Every Data Lake
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data Lake
Walaa Eldin Moustafa
 
一比一原版(UO毕业证)渥太华大学毕业证如何办理
一比一原版(UO毕业证)渥太华大学毕业证如何办理一比一原版(UO毕业证)渥太华大学毕业证如何办理
一比一原版(UO毕业证)渥太华大学毕业证如何办理
aqzctr7x
 
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Aggregage
 
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
v7oacc3l
 
Predictably Improve Your B2B Tech Company's Performance by Leveraging Data
Predictably Improve Your B2B Tech Company's Performance by Leveraging DataPredictably Improve Your B2B Tech Company's Performance by Leveraging Data
Predictably Improve Your B2B Tech Company's Performance by Leveraging Data
Kiwi Creative
 

Recently uploaded (20)

一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
 
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
 
Challenges of Nation Building-1.pptx with more important
Challenges of Nation Building-1.pptx with more importantChallenges of Nation Building-1.pptx with more important
Challenges of Nation Building-1.pptx with more important
 
A presentation that explain the Power BI Licensing
A presentation that explain the Power BI LicensingA presentation that explain the Power BI Licensing
A presentation that explain the Power BI Licensing
 
University of New South Wales degree offer diploma Transcript
University of New South Wales degree offer diploma TranscriptUniversity of New South Wales degree offer diploma Transcript
University of New South Wales degree offer diploma Transcript
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
State of Artificial intelligence Report 2023
State of Artificial intelligence Report 2023State of Artificial intelligence Report 2023
State of Artificial intelligence Report 2023
 
Everything you wanted to know about LIHTC
Everything you wanted to know about LIHTCEverything you wanted to know about LIHTC
Everything you wanted to know about LIHTC
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
 
一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理
一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理
一比一原版(UCSF文凭证书)旧金山分校毕业证如何办理
 
一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理
一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理
一比一原版(UCSB文凭证书)圣芭芭拉分校毕业证如何办理
 
Udemy_2024_Global_Learning_Skills_Trends_Report (1).pdf
Udemy_2024_Global_Learning_Skills_Trends_Report (1).pdfUdemy_2024_Global_Learning_Skills_Trends_Report (1).pdf
Udemy_2024_Global_Learning_Skills_Trends_Report (1).pdf
 
DSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelinesDSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelines
 
06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM
06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM
06-12-2024-BudapestDataForum-BuildingReal-timePipelineswithFLaNK AIM
 
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data Lake
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data LakeViewShift: Hassle-free Dynamic Policy Enforcement for Every Data Lake
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data Lake
 
一比一原版(UO毕业证)渥太华大学毕业证如何办理
一比一原版(UO毕业证)渥太华大学毕业证如何办理一比一原版(UO毕业证)渥太华大学毕业证如何办理
一比一原版(UO毕业证)渥太华大学毕业证如何办理
 
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
 
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
 
Predictably Improve Your B2B Tech Company's Performance by Leveraging Data
Predictably Improve Your B2B Tech Company's Performance by Leveraging DataPredictably Improve Your B2B Tech Company's Performance by Leveraging Data
Predictably Improve Your B2B Tech Company's Performance by Leveraging Data
 

Visual Analytics for User Behaviour Analysis in Cyber Systems

  • 1. Visual Analytics for User Behaviour Analysis in Cyber Systems Cagatay Turkay Senior Lecturer in Applied Data Science, giCentre, City, University of London (Assoc. Prof. @ CIM, University of Warwick) #VizTIG Seminar, Alan Turing Institute, 13 September 2019
  • 2. VIS for communication VIS for analysis Sources: [*] http://www.theguardian.com/politics/ng-interactive/2015/apr/20/election-2015-constituency-map [**] http://www.nytimes.com/interactive/2012/05/17/business/dealbook/how-the-facebook-offering-compares.html [Elzen & Wijk, 2010] http://playground.tensorflow.org [*] [**] VIS for decision-making with algorithms
  • 3. Visual Analytics? Combining visual and computational analysis: human strengths & computing [SACHA et al., 2014]
  • 4. ... provide several perspectives concurrently (e.g., multiple datasets, scales, parameters, algorithms, representations ...) ... support the interactive comparison & evaluation of (several) algorithmic results by putting the results in context VA can …
  • 5. CASE STUDY – Interactive User Behaviour Analytics in Cyber Systems VASABI: Hierarchical User Profiles for Interactive Visual User Behaviour Analytics Nguyen PH, Henkin R, Chen S, Andrienko N, Andrienko G, Thonnard O, Turkay C. IEEE TVCG, 2019 Understanding User Behaviour through Action Sequences: from the Usual to the Unusual Nguyen, P.H., Turkay, C., Andrienko, G., Andrienko, N., Thonnard, O. and Zouaoui, J. , IEEE TVCG, 2018
  • 7. Design Process ~ 2 years of close collaboration with cyber security experts interviews to understand workflow and status quo iterative workshops rapid prototypes
  • 8. … …. session 3 score = 0.7 session 2 score = 0.8 user actions user digital application 08:40:05 Search Account 08:40:45 Unlock Account 08:41:03 Search Account 08:41:15 Search Account 08:42:01 Display Account ……… session 1 score = 0.2 user behaviour usual? unusual? why? In this study: 31 days 15,000 sessions 1,400 users 300 action types
  • 9. score color hue → type position → time Search Account Display Account Unlock Account semantic distance based action clustering 08:30 09:00 11:30 12:30 13:0012:0011:0010:00 10:3009:30 action Preserving the sequence (but dropping actual time):
  • 10. How expected is … given that the user has done all of … … before? Most important decision to make is:
  • 12. A comprehensive & multi-faceted understanding of user behaviour is needed to put the the result in context for making a decision… this is where VA comes in …
  • 13. Summarising User Behaviour Extracting Common Tasks using Topic Modelling Chen, S., Andrienko, N., Andrienko, G., Adilova, L., Barlet, J., Kindermann, J., Nguyen, P.H., Thonnard, O. and Turkay, C., 2019. LDA Ensembles for Interactive Exploration and Categorization of Behaviors. IEEE transactions on visualization and computer graphics.
  • 14. Summarising User Behaviour Extracting Common Tasks using Topic Modelling Each “topic” becomes a “task” <search, unlock> ~ Help-desking <CreateUser, AssignRole1, AssingRole2> ~ User Management
  • 15. Summarising User Behaviour Visual task distribution summaries timelines of sessions A user with repetitive behaviour A user with diverse behaviour <search, unlock> Help-desk person?
  • 16. Putting sessions in context Visual user profiles Historic data context Sessions of interest
  • 17. Extracting User Roles Task-based user clusters Task distributions for groups e.g., a group managing user accounts Most representative users
  • 18. An unusually long session but a common task, i.e., office management Lots of user accounts locked ..
  • 19.
  • 20. ... provide several perspectives concurrently (e.g., multiple datasets, scales, parameters, algorithms, representations ...) ... support the interactive comparison & evaluation of (several) algorithmic results by putting the results in context VA can …
  • 21. Effective data-intensive decision making requires approaches designed with human-centred thinking to empower people at all stages of the data science process … and visualisation research offers theories, methodologies, techniques and know-how
  • 22. Visual Analytics for User Behaviour Analysis in Cyber Systems #VizTIG Seminar, Alan Turing Institute, 13 September 2019 giCentre: https://www.gicentre.net/ CIM: https://warwick.ac.uk/fac/cross_fac/cim/ Personal Web: http://www.staff.city.ac.uk/cagatay.turkay.1/ Twitter: @cagatay_turkay Slides: https://www.slideshare.net/cagatayturkay Cagatay Turkay Senior Lecturer in Applied Data Science, giCentre, City, University of London (Assoc. Prof. @ CIM, University of Warwick) Thanks to: