Connecting the dots: Designing an interactive network graph for threat intelligence investigations and research
Typ
Examensarbete för masterexamen
Program
Industrial design engineering (MPDES), MSc
Publicerad
2021
Författare
Andersson, Ludvig
Marberg, Erik
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
Cyber security and threat intelligence is a constant struggle of trying to stay ahead of threats in
order to mitigate risk and disrupt adversaries. Each year billions are spent to ensure this
security yet enormous amounts of money still makes it to the hands of Threat Actors.
Understanding the surrounding threat landscape and assessing it fast to ensure actionable
intelligence is of essence for all businesses and governments.
This thesis aims to design a conceptual solution for interactive, visual representation
and exploration of the data and information building up this threat landscape. This to fulfill the
purpose of enhancing analyst’s and security operation’s ability to quickly form
actionable intelligence in order to defend their assets.
Interviews were conducted with Threat Intelligence Analysts throughout the project. Initially to
form an understanding of the domain and empathizing with their process and needs. This followed by
two consecutive Create- and Evaluate phases where the analyst’s could express their thoughts about
the proposed concepts and solutions.
The result was not only a design concept but also a defined General Use Case from which a set of
user requirements were defined. These requirements were used as guidelines for the
design concept which was visualized as a set of wireframes. The project resulted in a concept for
an interactive network graph allowing users to explore and control large amounts of data in a
comprehensible interface. The concept suggests both designs and interactions which will aid Threat
Intelligence Analysts when conducting investigations.
Beskrivning
Ämne/nyckelord
network graph, threat intelligence, interaction design, concept development, cyber security