A two-stage framework for designing visual analytics systems to augment organizational analytical processes

A perennially interesting research topic in the field of visual analytics is how to effectively develop systems that support organizational knowledge worker’s decision-making and reasoning processes. The primary objective of a visual analytic system is to facilitate analytical reasoning and discovery of insights through interactive visual interfaces. It also enables the transfer of capability and expertise from where it resides to where it is needed–across individuals, and organizations as necessary. The problem is, however, most domain analytical practices generally vary from organizations to organizations. This leads to the diversified design of visual analytics systems in incorporating domain analytical processes, making it difficult to generalize the success from one domain to another. Exacerbating this problem is the dearth of general models of analytical workflows available to enable such timely and effective designs. To alleviate these problems, this dissertation presents a two-stage framework for informing the design of a visual analytics system. This two-stage design framework builds upon and extends current practices pertaining to analytical workflow and focuses, in particular, on investigating its effect on the design of visual analytics systems for organizational environments. It aims to empower organizations with more systematic and purposeful information analyses through modeling the domain users’ reasoning processes. The first stage in this framework is an Observation and Designing stage, in which a visual analytic system is designed and implemented to abstract and encapsulate general organizational analytical processes, through extensive collaboration with domain users. The second stage is the User-centric Refinement stage, which aims at interactively enriching and refining the already encapsulated domain analysis process based on understanding user’s intentions through analyzing their task behavior. To implement this framework in the process of designing a visual analytics system, this dissertation proposes four general design recommendations that, when followed, empower such systems to bring the users closer to the center of their analytical processes. This dissertation makes three primary contributions: first, it presents a general characterization of the analytical workflow in organizational environments. This characterization fills in the blank of the current lack of such an analytical model and further represents a set of domain analytical tasks that are commonly applicable to various organizations. Secondly, this dissertation describes a two-stage framework for facilitating the domain users’ workflows through integrating their analytical models into interactive visual analytics systems. Finally, this dissertation presents recommendations and suggestions on enriching and refining domain analysis through capturing and analyzing knowledge workers’ analysis processes. To exemplify the generalizability of these design recommendations, this dissertation presents three visual analytics systems that are developed following the proposed recommendations, including Taste for Xerox Corporation, OpsVis for Microsoft, and IRSV for the U.S. Department of Transportation. All of these systems are deployed to domain knowledge workers and are adopted for their analytical practices. Extensive empirical evaluations are further conducted to demonstrate efficacy of these systems in facilitating domain analytical processes

AGIR: Automatic Generation of Intelligence Reports

Natural Language Generation (NLG) tools are becoming increasingly important in today’s fast-paced business environment. These tools can save organizations significant amounts of time and resources by automating the process of generating written content from structured data. NLG is widely employed in many fields producing computer-generated medical reports, weather forecasts or newspaper articles, however, little work has been done so far in the cybersecurity field. Nowadays, security analysts have to manually write reports starting from structured data such as STIX (Structured Threat Information eXpression) graphs and network logs, this task is very time-consuming. In this thesis, carried out in collaboration with Leonardo S.p.A., we implement AGIR (Automatic Generation of Intelligence Reports), a NLG tool able to write intelligence reports starting from the JSON representation of STIX graphs. The purpose of AGIR is to assist analysts in the report writing process by providing them significant information and starting them off with a report that is as close as possible to an ideal final version of the report. AGIR produces the final report in a two-stage pipeline. In the first step, it uses a template-based approach to build a baseline text that, in the second phase, is further refined through the use of ChatGPT APIs. The generated reports are then evaluated through the syntactic log-odds ratio (SLOR), a referenceless model-dependent metric for fluency evaluation, and a questionnaire-based human evaluation on three dimensions: correctness, fluency and utility. The generated reports overall reach good scores on all three levels, but there is room for improvement in the implementation of both steps. The first step introduces maintainability issues that can be circumvented by using a neural-based approach for the creation of the draft text. The second step can be improved by using a free and local deep learning model.Natural Language Generation (NLG) tools are becoming increasingly important in today’s fast-paced business environment. These tools can save organizations significant amounts of time and resources by automating the process of generating written content from structured data. NLG is widely employed in many fields producing computer-generated medical reports, weather forecasts or newspaper articles, however, little work has been done so far in the cybersecurity field. Nowadays, security analysts have to manually write reports starting from structured data such as STIX (Structured Threat Information eXpression) graphs and network logs, this task is very time-consuming. In this thesis, carried out in collaboration with Leonardo S.p.A., we implement AGIR (Automatic Generation of Intelligence Reports), a NLG tool able to write intelligence reports starting from the JSON representation of STIX graphs. The purpose of AGIR is to assist analysts in the report writing process by providing them significant information and starting them off with a report that is as close as possible to an ideal final version of the report. AGIR produces the final report in a two-stage pipeline. In the first step, it uses a template-based approach to build a baseline text that, in the second phase, is further refined through the use of ChatGPT APIs. The generated reports are then evaluated through the syntactic log-odds ratio (SLOR), a referenceless model-dependent metric for fluency evaluation, and a questionnaire-based human evaluation on three dimensions: correctness, fluency and utility. The generated reports overall reach good scores on all three levels, but there is room for improvement in the implementation of both steps. The first step introduces maintainability issues that can be circumvented by using a neural-based approach for the creation of the draft text. The second step can be improved by using a free and local deep learning model

Acting Together to Lift up Philanthropy: WINGS Guidance on How to Build a Supportive Ecosystem

The guide shows how a philanthropy support ecosystem can be built. It uses a suite of tools and approaches that can be adapted by people in different countries to build the system that they want, by mapping relationships between organisations and sorting out who does what in order to lift up philanthropy. It is designed to allow for creativity and invention. The goal is to inspire the field by suggesting ways in which its work can be enhanced, rather than providing hard and fast rules. Although specific steps are suggested, these do not imply a rigid process that needs to be followed. Action depends on the context and the particular needs of the philanthropic sector

Controlling and Assisting Activities in Social Virtual Worlds

Since its beginning, web technology has advanced from a text-based to a visual-based interaction. This evolution has been facilitated by both high speed internet connections and PC's graphical power. Virtual world (VW) technology began as standalone applications (e.g.. virtual simulations) but soon evolved into web-based applications. Nowadays, home users for entertainment and wide-spread enterprises or institutions for business can exploit virtual worlds to develop remote activities between friends, employees, clients, teachers or students (Sherman, 2002). Then, virtual worlds have clear applications in e-governance, elearning and e-commerce, and therefore it is mandatory to study mechanisms ensuring the assistance and the control of activities taking place in these applications..

TENSOR: retrieval and analysis of heterogeneous online content for terrorist activity recognition

The proliferation of terrorist generated content online is a cause for concern as it goes together with the rise of radicalisation and violent extremism. Law enforcement agencies (LEAs) need powerful platforms to help stem the influence of such content. This article showcases the TENSOR project which focusses on the early detection of online terrorist activities, radicalisation and recruitment. Operating under the H2020 Secure Societies Challenge, TENSOR aims to develop a terrorism intelligence platform for increasing the ability of LEAs to identify, gather and analyse terrorism-related online content. The mechanisms to tackle this challenge by bringing together LEAs, industry, research, and legal experts are presented

Towards a European Health Research and Innovation Cloud (HRIC)

The European Union (EU) initiative on the Digital Transformation of Health and Care (Digicare) aims to provide the conditions necessary for building a secure, flexible, and decentralized digital health infrastructure. Creating a European Health Research and Innovation Cloud (HRIC) within this environment should enable data sharing and analysis for health research across the EU, in compliance with data protection legislation while preserving the full trust of the participants. Such a HRIC should learn from and build on existing data infrastructures, integrate best practices, and focus on the concrete needs of the community in terms of technologies, governance, management, regulation, and ethics requirements. Here, we describe the vision and expected benefits of digital data sharing in health research activities and present a roadmap that fosters the opportunities while answering the challenges of implementing a HRIC. For this, we put forward five specific recommendations and action points to ensure that a European HRIC: i) is built on established standards and guidelines, providing cloud technologies through an open and decentralized infrastructure; ii) is developed and certified to the highest standards of interoperability and data security that can be trusted by all stakeholders; iii) is supported by a robust ethical and legal framework that is compliant with the EU General Data Protection Regulation (GDPR); iv) establishes a proper environment for the training of new generations of data and medical scientists; and v) stimulates research and innovation in transnational collaborations through public and private initiatives and partnerships funded by the EU through Horizon 2020 and Horizon Europe

Semantics-Empowered Big Data Processing with Applications

We discuss the nature of Big Data and address the role of semantics in analyzing and processing Big Data that arises in the context of Physical-Cyber-Social Systems. We organize our research around the Five Vs of Big Data, where four of the Vs are harnessed to produce the fifth V - value. To handle the challenge of Volume, we advocate semantic perception that can convert low-level observational data to higher-level abstractions more suitable for decision-making. To handle the challenge of Variety, we resort to the use of semantic models and annotations of data so that much of the intelligent processing can be done at a level independent of heterogeneity of data formats and media. To handle the challenge of Velocity, we seek to use continuous semantics capability to dynamically create event or situation specific models and recognize relevant new concepts, entities and facts. To handle Veracity, we explore the formalization of trust models and approaches to glean trustworthiness. The above four Vs of Big Data are harnessed by the semantics-empowered analytics to derive value for supporting practical applications transcending physical-cyber-social continuum

Bench-Ranking: ettekirjutav analüüsimeetod suurte teadmiste graafide päringutele

Relatsiooniliste suurandmete (BD) töötlemisraamistike kasutamine suurte teadmiste graafide töötlemiseks kätkeb endas võimalust päringu jõudlust optimeerimida. Kaasaegsed BD-süsteemid on samas keerulised andmesüsteemid, mille konfiguratsioonid omavad olulist mõju jõudlusele. Erinevate raamistike ja konfiguratsioonide võrdlusuuringud pakuvad kogukonnale parimaid tavasid parema jõudluse saavutamiseks. Enamik neist võrdlusuuringutest saab liigitada siiski vaid kirjeldavaks ja diagnostiliseks analüütikaks. Lisaks puudub ühtne standard nende uuringute võrdlemiseks kvantitatiivselt järjestatud kujul. Veelgi enam, suurte graafide töötlemiseks vajalike konveierite kavandamine eeldab täiendavaid disainiotsuseid mis tulenevad mitteloomulikust (relatsioonilisest) graafi töötlemise paradigmast. Taolisi disainiotsuseid ei saa automaatselt langetada, nt relatsiooniskeemi, partitsioonitehnika ja salvestusvormingute valikut. Käesolevas töös käsitleme kuidas me antud uurimuslünga täidame. Esmalt näitame disainiotsuste kompromisside mõju BD-süsteemide jõudluse korratavusele suurte teadmiste graafide päringute tegemisel. Lisaks näitame BD-raamistike jõudluse kirjeldavate ja diagnostiliste analüüside piiranguid suurte graafide päringute tegemisel. Seejärel uurime, kuidas lubada ettekirjutavat analüütikat järjestamisfunktsioonide ja mitmemõõtmeliste optimeerimistehnikate (nn "Bench-Ranking") kaudu. See lähenemine peidab kirjeldava tulemusanalüüsi keerukuse, suunates praktiku otse teostatavate teadlike otsusteni.Leveraging relational Big Data (BD) processing frameworks to process large knowledge graphs yields a great interest in optimizing query performance. Modern BD systems are yet complicated data systems, where the configurations notably affect the performance. Benchmarking different frameworks and configurations provides the community with best practices for better performance. However, most of these benchmarking efforts are classified as descriptive and diagnostic analytics. Moreover, there is no standard for comparing these benchmarks based on quantitative ranking techniques. Moreover, designing mature pipelines for processing big graphs entails considering additional design decisions that emerge with the non-native (relational) graph processing paradigm. Those design decisions cannot be decided automatically, e.g., the choice of the relational schema, partitioning technique, and storage formats. Thus, in this thesis, we discuss how our work fills this timely research gap. Particularly, we first show the impact of those design decisions’ trade-offs on the BD systems’ performance replicability when querying large knowledge graphs. Moreover, we showed the limitations of the descriptive and diagnostic analyses of BD frameworks’ performance for querying large graphs. Thus, we investigate how to enable prescriptive analytics via ranking functions and Multi-Dimensional optimization techniques (called ”Bench-Ranking”). This approach abstracts out from the complexity of descriptive performance analysis, guiding the practitioner directly to actionable informed decisions.https://www.ester.ee/record=b553332