23
Unlocking User-Centered Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2 , Diane Staheli 2 , Miriah Meyer 1 1 University of Utah 2 MIT Lincoln Laboratory The Lincoln Laboratory portion of this work is sponsored by the Assistant Secretary of Defense for Research & Engineering under Air Force Contract FA8721-05-C-0002. Opinions, interpretations, conclusions, and recommendations are those of the authors and are not necessarily endorsed by the United States Government.

Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

  • Upload
    others

  • View
    10

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

Unlocking User-Centered Design Methods for Building Cyber Security Visualizations

Sean McKenna 1,2, Diane Staheli

2, Miriah Meyer 1

1 University of Utah

2 MIT Lincoln Laboratory

The Lincoln Laboratory portion of this work is sponsored by the Assistant Secretary of Defense for Research & Engineering under Air Force Contract FA8721-05-C-0002. Opinions, interpretations, conclusions, and recommendations are those of the authors and are not necessarily endorsed by the United States Government.

Page 2: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

motivation

user-centered design:

incorporate user needs

for cyber security:

user-centered design methods have been used

e.g. cyber command gauge cluster [Erbacher 2012]

significant challenges for cyber security

2

Page 3: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

design methods can overcome limited time and access to users

3

design methods canovercome limited timeand access to users

Page 4: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

4

redesign dashboard

personas data sketches

qualitative coding

Page 5: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

redesign of a software tool

cyber security firm hired our team:

evaluate usability

find right visualizations

team was new to cyber security

performed literature review to

5

and limited access to users

begin to understand this space

Page 6: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

cyber security dashboard

facilitate communication

different goals:

identify users

compare options

previous work focused

6

of cyber information

on analysts as users

Page 7: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

7

qualitative coding

https://www.flickr.com/photos/novecentino/2937239799/

Page 8: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

we had too much information!

detailed analysis of 3 papers:

cognitive task analysis (CTA)

key focus on users

qualitative coding:

structure, organizing and consolidating information [Strauss & Corbin 1990]

process:

find quotes, assign codes, meet to agree, and adapt codes

8

Page 9: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

results of qualitative coding:

9

Page 10: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

10

synthesized codes into design opportunities:

e.g. temporal visualization

prioritized opportunities and

cyber security firm:

developer made changes

evaluation (A/B testing)

deployed new version

iterated into a mockup interface

Page 11: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

reflections:

found user needs with limited access to users

effective method since resulted in a deployed tool

cannot replace access to real users

usage recommendation:

start small, expand your scope & code papers from appropriate venues:

e.g. VizSec, VIS, CHI, HFES, Behavior & Information Technology, Computers &

11

Security, FIRST, HST, AMCIS, SAM, CyCon, FloCon, CogSIMA, DHS CATCH,HCI HAS, CTS SECOTS

Page 12: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

12

personas

https://www.flickr.com/photos/nnova/2081056587/in/photostream/

Page 13: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

what is a persona?

archetypes of users [Martin & Hanington 2012]

to build personas:

conducted interviews across various stakeholders

identified four types of personas:

analyst, manager, director of IT, and a CEO

specific to a cyber security dashboard

13

Page 14: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

14

Page 15: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

used personas to target users: analysts and managers

focus saved time

crafted ideas for a

first prototype produced

not deployed yet though

15

dashboard, prioritizedagainst personas

Page 16: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

reflections:

limited our design focus to certain users

personas could be used in future projects

usage recommendation:

talk with real users, if possible, to build personas

otherwise, use existing research, like qualitative coding

16

Page 17: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

17

data sketches

https://www.flickr.com/photos/nnova/2081056587/in/photostream/

Page 18: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

what is a data sketch?

a quick and dirty visualization [Lloyd & Dykes 2011]

acquire data:

obtained a network flow dataset from an analyst at our university

visualize data:

brainstorm various ways to encode

what is the best way to represent data on a dashboard?

produced 20 data sketches using Python, Tableau, Gephi, and D3.js

18

Page 19: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

19

Page 20: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

feedback with analyst:

avoid complex

clear aggregation

iterated on the design

evaluation:

tested usability

deployed to users

20

visualizations

Page 21: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

reflections:

effective for comparing multiple encodings

worked well for a use-case of a dashboard

complex visualizations may be useful for analysis

usage recommendation:

repurpose the tools you know and experiment with new ones:

e.g. Python, Tableau, Gephi, D3.js, Processing,

21

Excel, Spotfire, Arcsight, Splunk

Page 22: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

design methods can overcome limited time and access to users

22

design methods canovercome limited timeand access to users

redesign dashboard

personas data sketches

qualitative coding

Page 23: Design Methods for Building Unlocking User …...Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2

acknowledgements: Jonzy, Dan Bowden, Tamara Denning, staff members at MIT Lincoln Laboratory, Dominika Mazur, Matthew Parkin, and James Agutter

to find out more:[email protected]://mckennapsean.com/vizsec-design-methods/

23