Systematic Literature Review on Cyber Situational Awareness Visualizations

Liuyue Jiang, Asangi Jayatilaka, Mehwish Nasim, Marthie Grobler, Mansooreh Zahedi, M. Ali Babar

Research output: Contribution to journalReview articlepeer-review

1 Citation (Scopus)

Abstract

The dynamics of cyber threats are increasingly complex, making it more challenging than ever for organizations to obtain in-depth insights into their cyber security status. Therefore, organizations rely on Cyber Situational Awareness (CSA) to support them in better understanding the threats and associated impacts of cyber events. Due to the heterogeneity and complexity of cyber security data, often with multidimensional attributes, sophisticated visualization techniques are needed to achieve CSA. However, there have been no previous attempts to systematically review and analyze the scientific literature on CSA visualizations. In this paper, we systematically select and review 54 publications that discuss visualizations to support CSA. We extract data from these papers to identify key stakeholders, information types, data sources, and visualization techniques. Furthermore, we analyze the level of CSA supported by the visualizations, alongside examining the maturity of the visualizations, challenges, and practices related to CSA visualizations to prepare a full analysis of the current state of CSA in an organizational context. Our results reveal certain gaps in CSA visualizations. For instance, the largest focus is on operational-level staff, and there is a clear lack of visualizations targeting other types of stakeholders such as managers, higher-level decision makers, and non-expert users. Most papers focus on threat information visualization, and there is a dearth of papers that visualize impact information, response plans, and information shared within teams. Interestingly, we find that only a few studies proposed visualizations to facilitate up to the <italic>projection</italic> level (i.e., the highest level of CSA), whereas most studies facilitated only the <italic>perception</italic> level (i.e., the lowest level of CSA). Most of the studies provide evidence of the proposed visualizations through toy examples and demonstrations, while only a few visualizations are employed in industrial practice. Based on the results that highlight the important concerns in CSA visualizations, we recommend a list of future research directions.
Original languageEnglish
Article number9782400
Pages (from-to)57525-57554
Number of pages30
JournalIEEE Access
Volume10
DOIs
Publication statusPublished - 1 Jun 2022
Externally publishedYes

Fingerprint

Dive into the research topics of 'Systematic Literature Review on Cyber Situational Awareness Visualizations'. Together they form a unique fingerprint.

Cite this