Unlocking User-Centered Design Methods for Building Cyber Security Visualizations

Similar documents

The USER & The Design Process

Internet Strategic Planning at USDA s Economic Research Service

The IconProcess: A Web Development Process Based on RUP

A User Centered Approach for the Design and Evaluation of Interactive Information Visualization Tools

Innovation Fund Final Report: Exploration of Data Analytics Tools for Library Data

How To Design A Website For The Elderly

By Peter Merholz, If you use it, please attribute it. Thanks.

Announcements. Project status demo in class

The objective of Software Engineering (SE) is to build high quality software. within a given time and with a predetermined budget (Sommerville, 2007).

Prototyping Techniques for

Improving Government Websites and Surveys With Usability Testing and User Experience Research

USER EXPERIENCE DESIGNER & RESEARCHER

Go to Market with a New Analytic Product in Just 8 Weeks.

Databricks. A Primer

Business Analysis Essentials

Exploring Mobile Space Stanfy Publications. Mobile Application UI/UX Prototyping Process

Databricks. A Primer

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

In partnership with Hennepin County Library, MN.IT Services, State of Minnesota Office of Accessibility and Open Twin Cities January 31, 2015

Environmental Decision Support Systems: A Human Factors Perspective

Evidentiary Integrity for Incident Response (EIIR)

Not Just Another Pretty (Inter)Face

Elliott Romano. UX Designer elliottromano.com

Project 1 Clemson University Fire and Emergency Inventory System

USER EXPERIENCE TRAINING CLASSES New York City

Requirements Management Database

THE WEBSITE REDESIGN THAT S HURTING YOUR BUSINESS

UX for Successful Products

Enriching Requirements Analysis with the Personas Technique

CS/ISE 5714 Spring 2013

Applying a User-Centered Design Approach to Data Management: Paper and Computer Testing. Jeffrey R. Wilson, Ph.D. Pearson.

Moving Target Reference Implementation

Situational Awareness Through Network Visualization

When is Agile the Best Project Management Method? Lana Tylka

IST 385, Human Computer Interaction Fall semester, 2010

Executive Q&A: Learning Maps; Innovative Tools For Customer Experience Training

CUSTOMER EXPERIENCE DESIGN CUSTOMER EXPERIENCE DESIGN

DESIGNING FOR THE USER INSTEAD OF YOUR PORTFOLIO

Experience managing the delivery, ongoing success, and continuous improvement of one or more digital products and/or platforms.

Is to define and implement a design strategy with deep understanding of user and business needs that makes user interfaces and experiences great.

Build the Right Software First Time

COLUMN. What is information architecture? Intuitive navigation doesn t happen by chance MAY The cost of failure

Obtaining Enterprise Cybersituational

A DIGITAL SOLUTIONS AGENCY Queen Anne Ave N. Ste. 337 Seattle WA,

User-Centered Design Guidelines for Collaborative Software for Intelligence Analysis

Agile for Product Owners

Post-Implementation EMR Evaluation for the Beta Ambulatory Care Clinic Proposed Plan Jul 6/2012, Version 2.0

eorgette ullivan Portfolio

Envisioning a Portal Solution

SLDS Workshop Summary: Data Use

Software Center. Customer Data and Ecosystem Driven Development

Outline. Introduction. WebQuilt and Mobile Devices: A Web Usability Testing and Analysis Tool for the Mobile Internet

White Paper: Leveraging Web Intelligence to Enhance Cyber Security

Harnessing Voice of the Customer for Incremental Innovation

Current and Future State of Health Informatics for Veterans Health Administration

How To Use Elasticsearch

COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS

eclips Design Packet Middle School and High School NASA Real World: Mathematics (Grades 6-8) NASA Launchpad (Grades 9-12) Educational Product

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC

DESIGNCAMP FOR UNIVERSITY HIRES CORPORATE EDUCATION OF SOFTWARE DESIGN THINKERS

Interaction Designers on extreme Programming Teams: Two Case Studies from the Real World

Design methods for developing services

SOCIAL MEDIA MEASUREMENT: IT'S NOT IMPOSSIBLE

CONVERSION OPTIMIZATION PLANNING IN 2011

TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES

Simplifying the audit through innovation. PwC Accounting Symposium August 7, PwC Audit Transformation 19

Screen Design : Navigation, Windows, Controls, Text,

"A Role With No Edges": The Work Practices of Information Architects

Intro to Human Centered Service Design Thinking

" ~l;~' 1uxr:~~\'<~ITY-lc FACUL TV GOVERNANCE ASSISTANT (Faculty Council approval on Consent Calendar) It/:;~. Iff~~~~~uV~

Research Brief. Using the Model. Category One: Strategy

BI Dashboards the Agile Way

September 9 11, 2013 Anaheim, California Data Rich, Insight Poor: Un-confusing Your Confused Analytics Team

ios Development: Getting Started Min Tsai March 1, 2011 terntek.com v1.0

Data Governance. Unlocking Value and Controlling Risk. Data Governance.

IDC MaturityScape Benchmark: Big Data and Analytics in Government

ECM: Key Market Trends and the Impact of Business Intelligence

Cyber Intelligence Workforce

Visit :: Call ::

BUSINESS ANALYTICS WEBINAR MARATHON

Andrew Hill USER EXPERIENCE DESIGN PORTFOLIO

MIS 3504 Digital Design and Innovation Studio

#Jamminsocinn. Service Design Meets Social Roots

Info425, UW ischool 10/11/2007

WE DESIGN BETTER EXPERIENCES FOR YOUR CUSTOMERS

GENERIC AGENCY STATEMENT OF WORK. Website Redesign Project Generic Company

Accent Technologies. UI / UX Designer

Designing the user experience beyond the interface

Design Engineering 1 (a) General Guidelines _3 rd Semester

Product Development: From Conception to Execution. Slide 1

CIO and Cyber Security Overview Argonne National Laboratory. Michael A. Skwarek CIO Matthew A. Kwiatkowski CISO Oct. 12, 2011

User Experience (UX) Specialist Position Description

Easy Wireframing with

Testing Websites with Users

When User Experience Met Agile: A Case Study

UI/UX Design and Project Management Portfolio. Ryan Vojir ( Voyer )

Network VisualizationS

Presented By: Leah R. Smith, PMP. Ju ly, 2 011

Transcription:

Unlocking User-Centered Design Methods for Building Cyber Security Visualizations Sean McKenna 1,2, Diane Staheli 2, Miriah Meyer 1 1 University of Utah 2 MIT Lincoln Laboratory The Lincoln Laboratory portion of this work is sponsored by the Assistant Secretary of Defense for Research & Engineering under Air Force Contract FA8721-05-C-0002. Opinions, interpretations, conclusions, and recommendations are those of the authors and are not necessarily endorsed by the United States Government.

motivation user-centered design: incorporate user needs for cyber security: user-centered design methods have been used e.g. cyber command gauge cluster [Erbacher 2012] significant challenges for cyber security 2

design methods can overcome overcome limited limited time time and access to users and access to users 3

qualitative coding redesign personas data sketches dashboard 4

redesign of a software tool cyber security firm hired our team: evaluate usability find right visualizations team was new to cyber security and limited access to users performed literature review to begin to understand this space 5

cyber security dashboard facilitate communication of cyber information different goals: identify users compare options previous work focused on analysts as users 6

qualitative coding 7 https://www.flickr.com/photos/novecentino/2937239799/

we had too much information! detailed analysis of 3 papers: cognitive task analysis (CTA) key focus on users qualitative coding: structure, organizing and consolidating information [Strauss & Corbin 1990] process: find quotes, assign codes, meet to agree, and adapt codes 8

results of qualitative coding: 9

synthesized codes into design opportunities: e.g. temporal visualization prioritized opportunities and iterated into a mockup interface cyber security firm: developer made changes evaluation (A/B testing) deployed new version 10

reflections: found user needs with limited access to users effective method since resulted in a deployed tool cannot replace access to real users usage recommendation: start small, expand your scope & code papers from appropriate venues: e.g. VizSec, VIS, CHI, HFES, Behavior & Information Technology, Computers & Security, FIRST, HST, AMCIS, SAM, CyCon, FloCon, CogSIMA, DHS CATCH, HCI HAS, CTS SECOTS 11

personas 12 https://www.flickr.com/photos/nnova/2081056587/in/photostream/

what is a persona? archetypes of users [Martin & Hanington 2012] to build personas: conducted interviews across various stakeholders identified four types of personas: analyst, manager, director of IT, and a CEO specific to a cyber security dashboard 13

14

used personas to target users: analysts and managers focus saved time crafted ideas for a dashboard, prioritized against personas first prototype produced not deployed yet though 15

reflections: limited our design focus to certain users personas could be used in future projects usage recommendation: talk with real users, if possible, to build personas otherwise, use existing research, like qualitative coding 16

https://www.flickr.com/photos/nnova/2081056587/in/photostream/ data sketches 17

what is a data sketch? a quick and dirty visualization [Lloyd & Dykes 2011] acquire data: obtained a network flow dataset from an analyst at our university visualize data: brainstorm various ways to encode what is the best way to represent data on a dashboard? produced 20 data sketches using Python, Tableau, Gephi, and D3.js 18

19

feedback with analyst: avoid complex visualizations clear aggregation iterated on the design evaluation: tested usability deployed to users 20

reflections: effective for comparing multiple encodings worked well for a use-case of a dashboard complex visualizations may be useful for analysis usage recommendation: repurpose the tools you know and experiment with new ones: e.g. Python, Tableau, Gephi, D3.js, Processing, Excel, Spotfire, Arcsight, Splunk 21

design methods can overcome overcome limited limited time time and access to users and access to users qualitative coding redesign personas data sketches dashboard 22

to find out more: sean@cs.utah.edu http://mckennapsean.com/vizsec-design-methods/ acknowledgements: Jonzy, Dan Bowden, Tamara Denning, staff members at MIT Lincoln Laboratory, Dominika Mazur, Matthew Parkin, and James Agutter 23