- 學位論文
藉由沈浸式資料視覺化與資料探索來分析網路威脅情資
Immersive Data Visualization and Exploration for Analyzing Cyber Threat Information
本文將於2024/08/18開放下載。若您希望在開放下載時收到通知,可將文章加入收藏。
摘要
現今的網路攻擊多變且複雜,與信任夥伴分享網路威脅情資有助於共同防禦這些攻擊。然而,目前用於分享網路威脅情資的標準格式其實非常難以探索,除非藉由視覺化工具的幫助,但傳統視覺化方法的幫助仍有限。隨著頭戴式顯示器的發展逐漸成熟,沉浸式資料視覺化有潛力提供比傳統的二維與三維視覺化方法更好的體驗。本篇論文提出了一個可以在沉浸式環境中分析網路威脅情資的互動式系統,此系統可以在虛擬實境中視覺化上萬個節點與邊,同時保持九十幅以上的高影格率。並且我們與網路安全專家合作,設計和實作了許多探索網路威脅情資的互動技巧。最後,本篇論文以兩個實驗來評估這套系統。實驗結果顯示,比起傳統的視覺化工具,受測者用此系統能夠更快地找到必要的資訊,並在系統易用性量表和工作負擔量表上的表現都更好。若是在探索已經被資安專家整理過的網路威脅情資的情況,則使用此系統和其電腦桌面對應版本的表現非常接近,但沉浸式資料視覺化造成的心理負擔較低。
並列摘要
Sharing cyber threat information between organizations is important to amplify the defense against sophisticated cyber attacks. However, the standard format for describing and exchanging cyber threat information is difficult to explore without the help of visualization techniques. As the head-mounted display (HMD) technology becomes more mature, immersive visualization approaches have the potential to provide better experiences. In this work, we present an interactive system for exploring cybersecurity information in the immersive environment, which utilizes the C# job system and entity component system (ECS) architecture to visualize tens of thousands of nodes and edges with a high framerate (>90 FPS). We collaborated with cybersecurity experts to design several interaction techniques based on their insights into the analysis of cyber threat information. Finally, we conducted two user studies. The results show that participants could find essential information faster using our system compared to the 2D graph visualization tool, and the system usability and user workload were also better. When exploring the cybersecurity data which has been arranged by cybersecurity experts, users could achieve similar performance using our virtual reality (VR) system and the desktop-based counterpart. Nevertheless, immersive visualization caused a lower mental workload.
參考文獻
[1] Sauerwein, C., Sillaber, C., Mussmann, A., & Breu, R. (2017). Threat intelligence sharing platforms: An exploratory study of software vendors and research perspectives. 13th International Conference on Wirtschaftsinformatik (WI 2017) (pp. 837–851).
[2] Barnum, S. (2012). Standardizing cyber threat intelligence information with the structured threat information expression (stix). Mitre Corporation (Vol. 11, pp. 1-22).
[3] Ware, C., & Mitchell, P. (2008). Visualizing graphs in three dimensions. ACM Transactions on Applied Perception (TAP) (Vol. 5, No. 1, p. 2).
[4] Kwon, O. H., Muelder, C., Lee, K., & Ma, K. L. (2016). A study of layout, rendering, and interaction methods for immersive graph visualization. IEEE transactions on visualization and computer graphics (Vol. 22, No. 7, pp. 1802-1815).
[5] Cordeil, M., Cunningham, A., Dwyer, T., Thomas, B. H., & Marriott, K. (2017, October). ImAxes: Immersive axes as embodied affordances for interactive multivariate data visualisation. In Proceedings of the 30th Annual ACM Symposium on User Interface Software and Technology (pp. 71-83). ACM.
延伸閱讀
- 陳凱威(2018)。資料視覺化應用於網路入侵偵測系統之異常偵測〔碩士論文,國立臺灣大學〕。華藝線上圖書館。https://doi.org/10.6342/NTU201803861
- 曾韋榮(2006)。結合潛在語意檢索及資訊粒化於資料探勘〔碩士論文,國立臺北科技大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0006-0407200616461900
- 程宗明(2003)。研發「公共電視數位化」之資源網絡分析-行動者的實徵調查與情境詮釋。廣播與電視,(20),59-95。https://www.airitilibrary.com/Article/Detail?DocID=10210776-200301-201307160025-201307160025-59-95
- 盧恒隆(2015)。以巨量資料分析觀點推展治安治理資訊服務。政府機關資訊通報,(328),16-21。https://www.airitilibrary.com/Article/Detail?DocID=P20191031001-201502-201911080017-201911080017-16-21
- 段乃文(2021)。An Exploration of the Effects of Simulation and Visualization on Learning Information Security〔碩士論文,國立臺灣師範大學〕。華藝線上圖書館。https://doi.org/10.6345/NTNU202101120