A comparative analysis of visualisation techniques to achieve CySA in the military


Presentation given by Salvador Llopis at ICMCIS 2018 conference

  1. 1. UNIVERSIDAD POLITÉCNICA de VALENCIA VALENCIA, SPAIN Salvador Llopis Javier Hingant Israel Pérez Manuel Esteve Federico Carvajal IEEE International Conference on Military Communication and Information Systems (ICMCIS) Warsaw, 23 May 2018 Wim Mees Thibault Debatty ROYAL MILITARY ACADEMY, BRUSSELS, BELGIUM
  2. 2. A comparative analysis of visualisation techniques to achieve CySA in the military
  3. 3. Agenda • Introduction • Process • 3D Operational Picture • Cyber Common Operational Picture, CyCOP • Comparative Analysis • Conclusions and Future work
  4. 4. Introduction “A common operational picture (COP) for cyberspace facilitates Command and Control (C2) of Cyber Operations and real-time comprehensive Situational Awareness” (United States, Joint Publication 3-12 (R), Cyberspace Operations, 2013)
  5. 5. Introduction • Visualisation is an integral part of the CySA • Technical and Operational views serve different purposes • Different visualisation approaches may lead to different levels of comprehension of the situation • Perceived reality on the screen may vary due to the human nature, skills and experience • Maximum awareness threshold is called “ground-truth”
  6. 6. Introduction Key questions: - How to fulfil user requirements regarding the tasks to be performed VISUALISATION ADAPTED TO USERS´ NEEDS - Which technologies suit best this performance TYPE OF REPRESENTATION WHICH ELEMENTS TO DISPLAY VALIDATION
  7. 7. Process • Fictional scenario: MINET - physical nodes and cyber elements • Simulated data sources • Set of measurements • Two types of representation: 3D OP and CyCOP • Comparative analysis • Approach Implementation aspects
  8. 8. 3D Operational Picture Visualisation for Improved Situation Awareness (VISA) “Mission-Attacker-Controls”
  9. 9. CyCOP
  10. 10. CyCOP
  11. 11. Comparative Analysis • Complementarity. Implementation of external interfaces in combination with a representation of mission-critical aspects • Multi-format representations • Reporting • Real-time data feeds as opposed to offline data • Granularity • Assist decision-making • Mission oriented
  12. 12. Conclusions and Future Work • Experimental validation using SAGAT • Develop an objective measure of CySA • Improvements: data classification and decision-making • Automatic refinement on visualisation by AI
  13. 13. Thank you for your attention