2021
Conference Paper
Title

User-Centered Design of Visualizations for Software Vulnerability Reports

Abstract
Today's software systems are created by software development processes that naturally include mistakes, some of which can be exploited by attackers and are therefore called vulnerabilities. Automatic software scanners enable developers to analyze their applications to detect vulnerabilities and alert them of their presence. But often these reports are hard to understand, include false positives or overwhelm users due to the sheer number of alerts, since a report may contain hundreds to thousands of vulnerabilities. Developers must undergo a process called vulnerability triage to find the relevant vulnerabilities to fix. This paper presents two interactive visualizations for developers and security experts to gain an overview of the security state of their application. Users can see the distribution of vulnerabilities, find the most relevant ones, and compare differences between application versions. Our visualization design is inspired by an initial preliminary study and has been evaluated by domain experts to investigate the usability and appropriateness.
Author(s)
Reynolds, Steven Lamarr  
Fraunhofer-Institut für Graphische Datenverarbeitung IGD  
Mertz, Tobias  
Fraunhofer-Institut für Graphische Datenverarbeitung IGD  
Arzt, Steven  
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Kohlhammer, Jörn
Fraunhofer-Institut für Graphische Datenverarbeitung IGD  
Mainwork
IEEE Symposium on Visualization for Cyber Security, VizSec 2021. Proceedings  
Project(s)
ATHENE
Funder
Bundesministerium für Bildung und Forschung BMBF (Deutschland)  
Conference
Symposium on Visualization for Cyber Security (VizSec) 2021  
DOI
10.1109/VizSec53666.2021.00013
Language
English
Fraunhofer-Institut für Graphische Datenverarbeitung IGD  
Fraunhofer-Institut für Sichere Informationstechnologie SIT  
Keyword(s)
  • Lead Topic: Visual Computing as a Service

  • Research Line: Computer graphics (CG)

  • Research Line: Human computer interaction (HCI)

  • cyber security

  • data visualization

  • interactive visualization

  • usability evaluation

  • CRISP

  • ATHENE
