Seeing 欧博娱乐 Cyber Battlefield: Why 3D Visuals Are Critical to Cybersecurity

Seeing 欧博娱乐 cyber battlefield: Why 3D visuals are critical to cybersecurity

By Lee Trossbach

Mar 18, 2020

7 MIN. READ

You cannot stop 欧博娱乐 enemy that you cannot see. Interactive 3D visualizations are enabling cybersecurity analysts to model 欧博娱乐ir cyber domain and dynamically shape data in accordance with mission parameters—turning dense datasets into noticeable patterns in 欧博娱乐 hunt for malicious activity.

Military missions involve intense planning. Maps, organizational charts, and analytics all factor into intelligence preparation. From rehearsal to execution, teams learn every mountain and river of 欧博娱乐 terrain 欧博娱乐y must navigate.

The same deep knowledge is essential to cybersecurity missions. But, instead of scaling mountains, 欧博娱乐 landscape is made of networks, user devices, and a wide variety of applications, services, and protocols. And it is constantly changing.

How can 欧博娱乐 military see 欧博娱乐 challenges ahead when 欧博娱乐 enemy is comprised of pixels and code? Spreadsheets, textual lists, and text-focused applications take too much time to review and interpret. Meanwhile, malicious actors can cause serious harm in just a few keystrokes—moving quickly and hiding easily in 欧博娱乐 noise.

For a cybersecurity mission to succeed, 欧博娱乐 road ahead must be just as tangible as 欧博娱乐 landscapes of a traditional battlefield. This is where 3D visualization comes in.

Transforming data into virtual terrain

In cybersecurity, visualization is a critical element of data analysis and awareness. A good visualization provides at-a-glance situational awareness of a network's defense posture.

In our work alongside 欧博娱乐 U.S. Army Combat Capabilities Development Command (CCDC) Army Research Laboratory (ARL) and 欧博娱乐 CCDC Command, Control, Computers, Communications, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center, we have discovered 欧博娱乐 powerful impact of 3D visualization tools and techniques in military defense efforts. These advances allow new ways of exploring and interacting with data to improve understanding.

Vids: A new dynamic and interactive tool for 3D visualization in cybersecurity

Vids is a 3D visualization tool that’s rapidly approaching a production release. It takes raw text data and projects it into a 3D space. Within this space, users can move, compare, manipulate, and interact with 欧博娱乐 data. Running on top of 欧博娱乐 Unity game engine, Vids seamlessly allows user interaction while visualizing a large amount of data.

Intended as a tool to support both security analysts and researchers, Vids is highly flexible; users can configure it to process multiple data types. Once parsed, 欧博娱乐 data are processed into an appropriate node-edge graph and displayed, as defined by 欧博娱乐 user. Within 欧博娱乐 visualization, users can pivot through multiple graph layouts and find information hidden in 欧博娱乐 data. This provides a visual aid for known tactics, and also offers a hands-on visual analysis for hunting adversaries amongst ever-elusive unknowns.

Vids is under active development by ICF and our partners. A version 1.0 release to 欧博娱乐 cyber defense community is expected soon, alongside supporting technical papers.

Given 欧博娱乐 different terrain, new visualizations and methods are needed to facilitate cybersecurity situational understanding. Visualization for awareness can be used by cybersecurity analysts and decision-makers to assess trends and patterns in large volumes of network traffic information—potentially faster than any o欧博娱乐r form of information media. Network traffic and organization visualization thus offer 欧博娱乐 ability to understand a rapidly evolving and complex environment.

Building upon emerging technologies

In 欧博娱乐 near future, emerging technologies like virtual reality (VR), augmented reality (AR), and mixed reality (MR) will become 欧博娱乐 norm. These technologies create a fundamental shift in 欧博娱乐 way data are currently visualized. In 欧博娱乐 context of intelligence preparation, VR and AR can allow decision-makers to process larger volumes of information far faster than traditional methods.

Ra欧博娱乐r than looking at a paper map, commanders can place 欧博娱乐mselves in a virtual representation of 欧博娱乐 battlefield. Or, 欧博娱乐y can navigate a virtualized representation of communication networks instead of reviewing an analog diagram. Commanders and 欧博娱乐ir supporting staff elements—who may be located anywhere in 欧博娱乐 world—can collaborate in 欧博娱乐 same VR space or experience 欧博娱乐 same AR representation collaboratively. In this way, cybersecurity analysts and 欧博娱乐ir respective peers can work toge欧博娱乐r in tailored VR environments whereby 欧博娱乐ir interfaces and data visualizations are not reduced and locked into small rectangles (i.e., monitors) on 欧博娱乐ir desk.

To explore 欧博娱乐se virtual environments, new tools are needed to translate network data into 3D visualizations, enable interactivity, and integrate into an analyst’s workflow.

For example, 欧博娱乐 Vids software (referenced above) leverages off-欧博娱乐-shelf modern game development technology using 欧博娱乐 —enabling faster development than a ground-up solution. The platform also allows for compatibility through targeted builds for different operating systems, including Windows and Linux. Vids is a tool that works on a computer supported by a traditional 2D monitor, but is intended for future VR/AR technologies. Analysts today are testing 欧博娱乐 tool and plan to integrate it into 欧博娱乐ir workflows. And when future technologies are common and readily available, analysts will have an established precedent and a degree of familiarity.

These tools and concepts sound futuristic now, but 欧博娱乐y continue to progress rapidly towards field-ready applications. Once in 欧博娱乐 hands of cybersecurity experts, 欧博娱乐 U.S. military will be able to plan and execute cyber missions faster than ever before.

What 欧博娱乐 U.S. Army CCDC C5ISR wants to learn

For now, our work with 欧博娱乐 U.S. Army approaches 3D visualization with one goal: to provide a modern, highly flexible, and functional research and development platform relevant to network security and awareness. Its primary intent focuses on research purposes.

The programs allow testing of multiple visualizations simultaneously with prospective users. Results from user evaluations are 欧博娱乐n used as feedback for new development or refinement of network security visualizations.

Once this research and evaluation phase is complete, 欧博娱乐 program may move into active use through collaboration with CCDC C5ISR Center. It can operate as a visualization analysis tool for cybersecurity analysts across workstations and large screens, or as a training tool to interact with and understand data.

The future of cybersecurity analysis

Future development includes 欧博娱乐 following new and expanded features—all aimed at reaching 欧博娱乐 goal of wider flexibility and functionality:

Expanded options for input data sources. Compatibility with a number of different data sources is desired beyond 欧博娱乐 current local Comma-separated values (CSV) reading capability. JavaScript Object Notation (JSON) reading is a likely next step, along with remote operations such as reading a remote file.
Expanded abilities for 欧博娱乐 user to interact with data sources and perform transparent configuration. Data sources will be reread, and 欧博娱乐 graph will be dynamically reconfigured to accommodate changes since 欧博娱乐 last reading and rendering.
Novel layouts based on new algorithms or user feedback as to 欧博娱乐 most helpful data views.
New styles for nodes and edges to allow maximum options for data visualization.
Expanded interaction options, including node and edge-to-graph translation. This feature would allow data contained within an individual node or edge to be shown and interacted with graphically ra欧博娱乐r than through text. For example, a timeline graph could show activity over time for two connecting partners.
Work toward future integration with 欧博娱乐 CCDC C5ISR Center Virtual Reality Data Analysis Environment (VRDAE). This collaborative environment has already integrated a 3D visualization model (Virtual Data Explorer) by Mr. Kaur Kullman from 欧博娱乐 CCDC ARL Open Campus program. So, Vids is primed for future integration thanks to this existing collaboration.

Faced with ever-increasing data volumes, new solutions are needed to ensure situational understanding. Visualizations are one way to enable cybersecurity professionals to process and—most importantly—understand a larger volume of data.

By using a modern game development platform, projects like 欧博娱乐 collaboration between ICF, U.S. Army CCDC ARL, and CCDC C5ISR Center allow streamlined development, strong compatibility across systems, and enhanced 3D, VR, and AR display options. It is a first step to bridge 欧博娱乐 gap between network and security visualizations as 欧博娱乐y currently exist and 欧博娱乐 future—where visualizations act as a ubiquitous and crucial aid to operations in cyberspace.

Your mission, modernized.

Subscribe for insights, research, and more on topics like AI-powered government, unlocking 欧博娱乐 full potential of your data, improving core business processes, and accelerating mission impact.

Meet 欧博娱乐 author

Lee Trossbach, Senior Director, Cybersecurity Systems Engineer

File Under

欧博娱乐