EEVi �Framework and Guidelines to Evaluate the Effectiveness of Cyber-Security Visualization

Abstract

Cyber-security visualization aims to reduce security analysts� workload by presenting information as visual analytics instead of a string of text and characters. However, the adoption of the resultant visualizations by security analysts, is not widespread. The literature indicates a lack of guidelines and standardized evaluation techniques for effective visualization in cyber-security, as a reason for the low adoption rate. Consequently, this article addresses the research gap by introducing a framework called EEVi for effective cyber-security visualizations for the performed task. The term �effective visualization� is defined as the features of visualization that are critical for an analyst to competently perform a certain task. EEVi has been developed by analyzing qualitative data which led to the formation of cognitive relationships (called links) between data. These relationships acted as guidelines for effective cyber-security visualization to perform tasks. The methodology to develop this framework can be applied to other fields to understand cognitive relationships between data. Additionally, the analysis of the framework presented, demonstrates how EEVi can be put into practice using the guidelines for effective cyber- security visualization. The guidelines can be used to guide visualization developers to create effective visualizations for security analysts based on their requirements