Usable solutions for cyber security
Case study on analysing the cyber situation wins best paper award
2024/05/16 by PEASEC
The publication ‘’We Do Not Have the Capacity to Monitor All Media‘: A Design Case Study on Cyber Situational Awareness in Computer Emergency Response Teams’, which was produced at the Department of Science and Technology for Peace and Security (PEASEC) at TU Darmstadt, was honoured with the Best Paper Award at the international top conference (CORE-A*) of human-computer interaction ACM Conference on Human Factors in Computing Systems (CHI).
The increase in complex cyber attacks on citizens, critical infrastructures and companies emphasises the vulnerability of society and the information infrastructure. In addition to information and IT security technologies, early warning systems and response strategies are needed to strengthen civil security. So-called Computer Emergency Response Teams (CERTs) and IT security officers are central points of contact for preventive and reactive measures in the event of IT security incidents. Due to the confusing information situation in the event of cyberattacks, the evaluation and target group-orientated processing of information is a major challenge for these teams.
The , funded by the German Federal Ministry of Education and Research (BMBF) and coordinated by the PEASEC department, therefore aimed to support CERTs by using new technologies to collect, analyse and communicate the cyber situation. In cooperation with the Hessen CyberCompetenceCentre (Hessen3C) and other research and development partners, a novel web-based application was developed that enables automated collection of public data, interactive data analysis and communication of alerts. Acceptance and usability as well as ethical, legal and social frameworks were taken into account during the development. CYWARN project (2020-2024)
Developing usable solutions
The scientifically summarises the design process of the ‘Cyber Threat Observatory’ developed in the projects. As part of a three-year design case study, the work combines qualitative interviews, interactive workshops and scenario-based evaluations with security organisations in order to develop a real-time dashboard to improve cyber situational awareness. award-winning publication by Dr Marc-André Kaufhold, Dr Thea Riebe, Markus Bayer and Professor Christian Reuter
By incorporating artificial intelligence and visual analytics, public data such as vendor recommendations, compromise notifications, vulnerability databases and social media posts relevant to current cyber threats and vulnerabilities could be collected, visualised, filtered and analysed for credibility and priority in an integrated view," explains , project manager and postdoctoral researcher at PEASEC/ at TU Darmstadt. Marc-André Kaufhold
At the same time, the (inter-)organisational cooperation of CERTs in complex damage situations is strengthened by a chat function, and the target group-oriented communication of reports and alerts, including for federal and state authorities, small and medium-sized enterprises and civil society, is supported by templates. The study, positioned in the research field of human-computer interaction, identifies requirements for a usable technology design and abstracts design heuristics for an improved socio-technical threat and mission awareness in CERTs. The research and development is currently being continued at the National Research Centre for Applied Cybersecurity ATHENE as part of the 'User-Centered Technology Design for Cyber Situational Awareness' (CyAware) project.