Immersive Data Exploration

3DSOC

Cyber Data Visualization for Threat Intelligence

Background

In October of 2016, several major Internet companies suffered service disruptions due to a major cyber attack.

The outages happened as hackers launched a large distributed denial of service (DDoS) attack on a large DNS infrastructure provider. DDoS attacks on DNS services are incredibly effective because, in addition to overwhelming servers with malicious traffic, those same servers also have to deal with automatic re-requests, and users hitting refresh over and over to summon the pages.

Immersive Data Exploration

As Twitter, Netflix, Amazon, and Spotify were slowly coming back online, a DoD customer wanted to implement a “monitor and response” cyber-security strategy by exploring building a state of the art Security Operations Center (SOC) responsible for identifying, investigating, prioritizing, escalating and resolving issues affecting the security of information assets involving social media and homeland security. The interactive wall concept was to be deployed alongside several Network Operation Centers.

TheInc developed a 3D network visualizer that displays network topologies in varying levels of detail, ranging from a global to national perspective down to specific properties of individual nodes.

Interaction design included natural gesture and touch as cyber data visualization and analysis is a complex task due to the different dimensions of data that need to be analyzed and to the fact that cyber attacks are the combination of several layers of information. The interactive wall head tracking brought a real difference compared to static point of view, as it let users naturally move around 3D elements, and gives them proper perspective and depth information as well as more insights on volumetric or spatial data.