
Authors: Franziska Becker 1 ; Christoph Müller 1 ; David Karpuk 2 ; Tanja Blascheck 1 and Thomas Ertl 1

Affiliations: 1 Institute for Visualization and Interactive Systems (VIS), University of Stuttgart, Germany ; 2 WithSecure Corporation, Finland

Keyword(s): Visual Analytics, Cybersecurity, Exploratory Analysis, Sets, Brushing.

Abstract: Security providers typically deal with large numbers of alerts based on heterogeneous data from many endpoint sensors. While the number of alerts is generally much smaller than the volume of raw data, most alerts are false positives that do not reflect genuinely malicious activity. All types of experts work on such alerts, be it to determine whether they are indeed false positives, to build machine learning models to support their analysis or to keep an eye on the current threat landscape. We conducted a design study to support a diverse group of experts whose working environments are connected to the same alert data. Based on an ongoing industry project that clusters alerts, we designed and evaluated a visual analytics system which enables exploration via powerful, easy-to-understand filtering mechanisms framed through set operations. In this article, we describe our system, give a detailed breakdown of the design process and the lessons we learned. We discuss the results from expert interviews, which showed the set-based framing to align with experts’ intuitive approach to data analysis and helped users uncover improvement opportunities for the clustering and detection pipelines.

CC BY-NC-ND 4.0

Paper citation in several formats:
Becker, F., Müller, C., Karpuk, D., Blascheck, T. and Ertl, T. (2025). AlertSets: Supporting Exploratory Analysis of Cybersecurity Alerts Through Set Interactions. In Proceedings of the 20th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - IVAPP; ISBN 978-989-758-728-3; ISSN 2184-4321, SciTePress, pages 776-787. DOI: 10.5220/0013376800003912

@conference{ivapp25,
author={Franziska Becker and Christoph Müller and David Karpuk and Tanja Blascheck and Thomas Ertl},
title={AlertSets: Supporting Exploratory Analysis of Cybersecurity Alerts Through Set Interactions},
booktitle={Proceedings of the 20th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - IVAPP},
year={2025},
pages={776-787},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013376800003912},
isbn={978-989-758-728-3},
issn={2184-4321},
}

TY - CONF
JO - Proceedings of the 20th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - IVAPP
TI - AlertSets: Supporting Exploratory Analysis of Cybersecurity Alerts Through Set Interactions
SN - 978-989-758-728-3
IS - 2184-4321
AU - Becker, F.
AU - Müller, C.
AU - Karpuk, D.
AU - Blascheck, T.
AU - Ertl, T.
PY - 2025
SP - 776
EP - 787
DO - 10.5220/0013376800003912
PB - SciTePress