From Cyber Security Activities to Collaborative Virtual Environments Practices Through the 3D CyberCOP Platform
Alexandre Kabil,Thierry Duval,Nora Cuppens,Gérard Le Comte,Yoran Halgand,Christophe Ponchel +5 more
- 17 Dec 2018
- pp 272-287
TL;DR: A 3D CVE called the 3D Cyber Common Operational Picture is proposed, which aims to take advantage of CVE practices to enhance cyber collaborative activities.
Abstract: Although collaborative practices between cyber organizations are well documented, managing activities within these organizations is still challenging as cyber operators' tasks are very demanding and usually done individually. As human factors studies in cyber environments are still difficult to perform, tools and collaborative practices are evolving slowly and training is always required to increase teamwork efficiency. Contrary to other research fields, cyber security is not yet harnessing the capabilities of Collaborative Virtual Environments (CVE), which can be used both for immersive and interactive data visualization and serious gaming for training. In order to tackle cyber security teamwork issues, we propose a 3D CVE called the 3D Cyber Common Operational Picture, which aims at taking advantage of CVE practices to enhance cyber collaborative activities.
Figures

Fig. 2. Activity model designed for cyber security practices analysis. 
Fig. 7. Features adaptation from cyber security usages to CVE implementation. 
Fig. 3. SOC practices (Left) and their adaptation through the 3D CyberCOP platform (Right). 
Fig. 6. Cyber (LEFT) and Kinetic (RIGHT) views of the environment, displayed using immersive (TOP) and non-immersive (BOTTOM) setups. 
Fig. 5. 2D coordinator dashboard with a map of the environment and a list of current alerts (LEFT) and a selection of an asset from an immersive graph representation of the network (RIGHT). 
Fig. 4. Alert analysis management from the ticket to escalation.
Citations
Security Operations Center: A Systematic Study and Open Challenges
TL;DR: In this article, a comprehensive literature survey is conducted to collate different views of security operations centers (SOCs), and the discovered literature is then used to determine the current state-of-the-art of SOCs and derive primary building blocks.
Threat Hunting Architecture Using a Machine Learning Approach for Critical Infrastructures Protection
TL;DR: In this article, a system architecture is presented that helps Threat Hunters, using a Machine Learning approach and applying state-of-the-art visualization techniques in order to protect Critical Infrastructures, based on a distributed, scalable and online configurable framework of interconnected modular components.
Alert Characterization by Non-expert Users in a Cybersecurity Virtual Environment: A Usability Study
Alexandre Kabil,Thierry Duval,Nora Cuppens +2 more
- 07 Sep 2020
TL;DR: Although cybersecurity is a domain where data analysis and training are considered of the highest importance, few virtual environments for cybersecurity are specifically developed, while they are used efficiently in other domains to tackle these issues as discussed by the authors.
Blockade-detection-response based security operations dashboard design
Choong-Hee Han
- 01 Aug 2021
TL;DR: In this article, a security operations dashboard design based on Blockade-Detection-Response (BDR) is proposed to reduce the effort and time required for configuring a dashboard for VIPs, and contribute to the systematic security operations from the perspective of blockade, detection and response for everlasting cyber threats.
Trends and challenges in research into the human aspects of ransomware: a systematic mapping study
Garret Murray,Malin Falkeling,Shang Gao +2 more
TL;DR: The body of literature in the area of human aspects of ransomware has increased over the past couple of years, and the findings highlight that being transparent about ransomware attacks, when possible, can help others.
References
From information security to cyber security
TL;DR: This paper argues that, although there is a substantial overlap between cyber security and information security, these two concepts are not totally analogous and posits that cyber security goes beyond the boundaries of traditional information security to include not only the protection of information resources, but also that of other assets, including the person him/herself.
Immersive and collaborative data visualization using virtual reality platforms
Ciro Donalek,S. G. Djorgovski,Alex Cioc,Anwell Wang,Jerry Zhang,Elizabeth Lawler,Stacy Yeh,Ashish Mahabal,Matthew J. Graham,Andrew J. Drake,Scott Davidoff,Jeffrey S. Norris,Giuseppe Longo +12 more
- 01 Oct 2014
TL;DR: Immersion provides benefits beyond the traditional “desktop” visualization tools: it leads to a demonstrably better perception of a datascape geometry, more intuitive data understanding, and a better retention of the perceived relationships in the data.
A Survey of Visualization Systems for Network Security
TL;DR: A comprehensive review of network security visualization is offered and a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area is provided.
Collaborative virtual environments: An introductory review of issues and systems
TL;DR: The nature of collaborative and cooperative work activities is discussed, the place of virtual reality systems in supporting such collaborative work is considered and some future research directions are discussed.
National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework
William Newhouse,Stephanie Keith,Benjamin Scribner,Gregory Witte +3 more
- 07 Aug 2017
TL;DR: The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework is a reference structure that describes the interdisciplinary nature of cybersecurity work and serves as a fundamental reference resource for describing and sharing information about cybersecurity work.