Virtual Data Explorer

Virtual Data Explorer

Virtual Data Explorer is a set of software components, that allow you to visualize and explore your computer network topology as a set of 3D data-shapes, using Virtual and / or Mixed Reality headsets.

Our brain is really good at perceiving objects in Real Reality, say, the shape of your hand. But its not that good at grasping the precise three-dimensional shape of your hand on the screen of your computer. Hence its quite tricky to have 3D data visualizations as part of our everyday data-analysis workflow, if we’d have to ingest these from a flat screen.

Behold: the umpteenth-generation XR headsets! Now these fancy things are (finally) able to provide us with the capability to immerse in stereoscopically perceivable data visualization. This allows us to create (non-geospatial!) network topology visualizations that map to our (or your NOC/SOC operator’s) understanding of the sets of networked entities (say, computers, toasters, drones, nukes, roombas, etc.) that are participating in the to-be protected networks.

What are the ingredients?

No pixie dust. No rainbows. No unicorn skeletons either.

VDE has 3 components:

  • Backend interprets the configurations of your network topology (json) and maps the ingested data according to that config into groups (of groups (of groups (of groups))) of entities.
  • A browser plugin helps you in feeding the data from your Moloch, SIEM or custom log correlation tool when you so choose (say, after running a query), via websocket to the VDE backend.
  • Headset (Magic Leap, Oculus, MSR) gets the set of groups from the backend and positions these for the viewer according to the layout configuration (json).

Unity 3D is used to create the software running in / for the headsets, C# for the backend, few lines of javascript for the browser plugin.

Howto

For a data visualization to be useful and efficient, we need to align that to our internalized understanding of the data that we need to understand, explore, monitor - extract information from.

In the Mental Model Mapping Method for Cybersecurity paper we described a method for interviewing Subject Matter Experts, to extract their implicit and explicit understanding of the data that they work with, to create useful, interactive, stereoscopically perceivable visualizations.

3D visualization may look fancy and scifi, but they must be useful. Hence the process for creating a useful visualization should be used when creating data layouts for the VDE.

Tell me more!

Please do read the papers where the reasoning behind the creation of the software, the topology layouts and the method for creating these and other layouts are being discussed.

Enhancing Cyber Defense Situational Awareness using 3D Visualizations13th International Conference on Cyber Warfare and Security

Operator Impressions of 3D Visualizations for Cybersecurity Analysts18th European Conference on Cyber Warfare and Security

VR/MR Supporting the Future of Defensive Cyber OperationsThe 14th IFAC/IFIP/IFORS/IEA Symposium on Analysis, Design, and Evaluation of Human-Machine Systems

Mental Model Mapping Method for Cybersecurity22nd International Conference on Human-Computer Interaction

Indulge me!

Keep in mind, that understanding 3D structures shown on a flat screen is much harder for the brain than observing these in Mixed, Virtual or Real Reality. But before a WebXR demo, you’ll have to do with pics and vids.

These videos were captured in 2018 and 2019 using VDE v1.

You’ll see the logical topology of networked entities that were active during the NATO CCDCOE Locked Shields exercise. The topology is overlaid with network traffic, edges representing the nr of sessions observer during a set time-window. Data was ingested from Moloch.

Virtual Reality videos

Mixed Reality videos:


Virtual Reality Data Analytics Environment

VDE v1 is integrated in the VRDAE, that is developed by the United States Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center. Please read more about related projects: here and here.


NATO IST-141, "Panel Activities Dataset"

VDE was featured in the NATO IST-141 workgroup's final raport. This video explores a dataset of NATO Panel activities.


Mental Model Mapping Method (for Cybersecurity)

M4C was presented at the 22nd International Conference on Human-Computer Interaction conferece.

Load it down?

Yeah, about that: not yet.

VDE v1 will be released only as a component of VRDAE.

VDE v2 is almost ready. Almost. If you would like to try it out using your datasets before it’s released, please do reach out and let’s explore the options.

The plan is to make v2 available for multiple MR & VR platforms in 2020 and release the source under GPLv3 sometime after that.

Both, the bin and src shall be available here.

Need to try and use NOW?

Please do reach out:

vde@coda.ee