Influence of Mental Models on the Design of Cyber Security Dashboards

Janosch Maier, Arne Padmos, Mortaza S. Bargh, Wolfgang Wörndl

2017

Abstract

Governments make cyber security related policies to protect citizens’ interests and national infrastructures against cyber attacks. Cyber security related data can enable evidence based policymaking. Data visualisation via dashboards can help understanding of these cyber security data. Designing such dashboards, however, is not straightforward due to difficulty for potential dashboard users to correctly interpret the displayed information. In this contribution we investigate the use of mental models for correct interpretation of displayed information. Our research question is: How useful are mental models for designing cyber security dashboards? We qualitatively investigate the mental models of seven cyber security experts from a typical governmental organisation. This research shows how operators, analysts and managers have different cyber security mental models. Based on the insight gained on these mental models, we develop a cyber security dashboard to assess the impact of mental models on dashboard design. An experience evaluation shows that the realised dashboard is easy to understand and does not obstruct users. We, however, do not see any meaningful difference in how the experts perceive the dashboard, despite their different cyber security mental models. We propose some directions for future research on using mental models for cyber security dashboard design.

References

  1. Asgharpour, F., Liu, D., and Camp, L. J. (2007). Mental Models of Computer Security Risks. In Workshop on the Economics of Information Security, pages 1-9, Pittsburgh.
  2. Ben-Ari, M. (1998). Constructivism in computer science education. ACM SIGCSE Bulletin, 30(1):257-261.
  3. Bertram, D. (2013). Likert scales are the meaning of life. Technical report.
  4. Craig, K. J. W. (1943). The Nature of Explanation. Cambridge University Press, Cambridge.
  5. CTF365 Blog (2014). Interactive Cyber Attack Map.
  6. Deutsche Telekom AG Honeypot Project (2015). T-Pot: A Multi-Honeypot Platform.
  7. Döring, N. and Bortz, J. (2015). Forschungsmethoden und Evaluation in den Sozial- und Humanwissenschaften. Springer, Berlin, Heidelberg, 5 edition.
  8. Doyle, J. K. and Ford, D. N. (1998). Mental models concepts for system dynamics research. System Dynamics Review, 14(1):3-29.
  9. Few, S. (2006). Information Dashboard Design. O'Reilly Media, North Sebastopol, 1 edition.
  10. Few, S. (2007). Dashboard Confusion Revisited. Perceptual Edge, pages 1-6.
  11. Fonteyn, M. E., Kuispers, B., and Grobe, S. J. (1993). A Description of Think Aloud Method and Protocol Analysis. Qualitative Health Research, 3(4):430-441.
  12. George, D. and Mallery, P. (2007). SPSS for Windows StepBy-Step: A Simple Guide and Reference. Allyn & Bacon, 14 edition.
  13. Hinckley, J., Hinckley, J., and Robinson, J. G. (2005). The Big Book of Car Culture: The Armchair Guide to Automotive Americana. Motorbooks, St. Paul.
  14. Knorr-Cetina, K. (1981). The Manufacture of Knowledge: An Essay on the Constructivist and Contextual Nature of Science. Pergamont Press Ltd., Oxford, 1 edition.
  15. Laugwitz, B., Held, T., and Schrepp, M. (2008). Construction and Evaluation of a User Experience Questionnaire. In Holzinger, A., editor, 4th Symposium of the Workgroup Human-Computer Interaction and Usability Engineering of the Austrian Computer Society, pages 63-76, Graz. Springer Berlin Heidelberg.
  16. Maier, J. (2016). csd: v1.0.
  17. Mayring, P. (2010). Qualitative Inhaltsanalyse. In Mey, G. and Mruck, K., editors, Handbuch Qualitative Forschung in der Psychologie, pages 601-613. VS Verlag für Sozialwissenschaften, Wiesbaden, 1 edition.
  18. Mayring, P. (2015). Qualitative Inhaltsanalyse Grundlagen und Techniken. Beltz, Weinheim und Basel, 12 edition.
  19. McNeil, S. (2015). Visualizing mental models: Understanding cognitive change to suppor teaching and learning of multimedia design and development. Educational Technology Research and Development, 63(1):73-96.
Download


Paper Citation


in Harvard Style

Maier J., Padmos A., S. Bargh M. and Wörndl W. (2017). Influence of Mental Models on the Design of Cyber Security Dashboards . In Proceedings of the 12th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - Volume 3: IVAPP, (VISIGRAPP 2017) ISBN 978-989-758-228-8, pages 128-139. DOI: 10.5220/0006170901280139


in Bibtex Style

@conference{ivapp17,
author={Janosch Maier and Arne Padmos and Mortaza S. Bargh and Wolfgang Wörndl},
title={Influence of Mental Models on the Design of Cyber Security Dashboards},
booktitle={Proceedings of the 12th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - Volume 3: IVAPP, (VISIGRAPP 2017)},
year={2017},
pages={128-139},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006170901280139},
isbn={978-989-758-228-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications - Volume 3: IVAPP, (VISIGRAPP 2017)
TI - Influence of Mental Models on the Design of Cyber Security Dashboards
SN - 978-989-758-228-8
AU - Maier J.
AU - Padmos A.
AU - S. Bargh M.
AU - Wörndl W.
PY - 2017
SP - 128
EP - 139
DO - 10.5220/0006170901280139