Virtual Data Explorer is a set of software components, that allow you to visualize and explore your computer network topology as a set of 3D data-shapes, using Virtual and / or Mixed Reality headsets.
Our brain is really good at perceiving objects in Real Reality, say, the shape of your hand. But its not that good at grasping the precise three-dimensional shape of your hand on the screen of your computer. Hence its quite tricky to have 3D data visualizations as part of our everyday data-analysis workflow, if we’d have to ingest these from a flat screen.
Behold: the umpteenth-generation XR headsets! Now these fancy things are (finally) able to provide us with the capability to immerse in stereoscopically perceivable data visualization. This allows us to create (non-geospatial!) network topology visualizations that map to our (or your NOC/SOC operator’s) understanding of the sets of networked entities (say, computers, toasters, drones, nukes, roombas, etc.) that are participating in the to-be protected networks.
No pixie dust. No rainbows. No unicorn skeletons either.
VDE has 3 components:
For a data visualization to be useful and efficient, we need to align that to our internalized understanding of the data that we need to understand, explore, monitor - extract information from.
In the Mental Model Mapping Method for Cybersecurity paper we described a method for interviewing Subject Matter Experts, to extract their implicit and explicit understanding of the data that they work with, to create useful, interactive, stereoscopically perceivable visualizations.
3D visualization may look fancy and scifi, but they must be useful. Hence the process for creating a useful visualization should be used when creating data layouts for the VDE.
Please do read the papers where the reasoning behind the creation of the software, the topology layouts and the method for creating these and other layouts are being discussed.
Enhancing Cyber Defense Situational Awareness using 3D Visualizations13th International Conference on Cyber Warfare and Security
Operator Impressions of 3D Visualizations for Cybersecurity Analysts18th European Conference on Cyber Warfare and Security
VR/MR Supporting the Future of Defensive Cyber OperationsThe 14th IFAC/IFIP/IFORS/IEA Symposium on Analysis, Design, and Evaluation of Human-Machine Systems
Mental Model Mapping Method for Cybersecurity22nd International Conference on Human-Computer Interaction
Keep in mind, that understanding 3D structures shown on a flat screen is much harder for the brain than observing these in Mixed, Virtual or Real Reality. But before a WebXR demo, you’ll have to do with pics and vids.
These videos were captured in 2018 and 2019 using VDE v1.
You’ll see the logical topology of networked entities that were active during the NATO CCDCOE Locked Shields exercise. The topology is overlaid with network traffic, edges representing the nr of sessions observer during a set time-window. Data was ingested from Moloch.
VDE v1 is integrated in the VRDAE, that is developed by the United States Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center. Please read more about related projects: here and here.
VDE was featured in the NATO IST-141 workgroup's final raport. This video explores a dataset of NATO Panel activities.
M4C was presented at the 22nd International Conference on Human-Computer Interaction conferece.
Yeah, about that: not yet.
VDE v1 will be released only as a component of VRDAE.
VDE v2 is almost ready. Almost. If you would like to try it out using your datasets before it’s released, please do reach out and let’s explore the options.
The plan is to make v2 available for multiple MR & VR platforms in 2020 and release the source under GPLv3 sometime after that.
Both, the bin and src shall be available here.