User-Centered Design of Visualizations for Software Vulnerability Reports
IEEE Symposium on Visualization for Cyber Security (VizSec) <18, 2021, online>
Today’s software systems are created by software development processes that naturally include mistakes, some of which can be exploited by attackers and are therefore called vulnerabilities. Automatic software scanners enable developers to analyze their applications to detect vulnerabilities and alert them of their presence. But often these reports are hard to understand, include false positives or overwhelm users due to the sheer number of alerts, since a report may contain hundreds to thousands of vulnerabilities. Developers must undergo a process called vulnerability triage to find the relevant vulnerabilities to fix. This paper presents two interactive visualizations for developers and security experts to gain an overview of the security state of their application. Users can see the distribution of vulnerabilities, find the most relevant ones, and compare differences between application versions. Our visualization design is inspired by an initial preliminary study and has been evaluated by domain experts to investigate the usability and appropriateness.
Automatic View Planning for 3D Reconstruction of Objects with Thin Features
Darmstadt, TU, Master Thesis, 2020
View planning describes the process of planning view points, from which to record an object or environment for digitization. This thesis examines the applicability of view planning to the 3D reconstruction of insect specimens from extended depth of field images and depth maps generated with a focus stacking method. Insect specimens contain very thin features, such as legs and antennae, while the depth maps, generated during the focus stacking, contain large levels of uncertainty. Since focus stacking is usually not used for 3D reconstruction, there are no state-of-the-art view planning systems, which deal with the unique challenges of this data. Within this thesis, a view planning system with two components is designed to deal with the uncertainty explicitly. The first component utilizes volumetric view planning methods from well established research along with a novel sensor model, to represent the synthetic camera, generated from the focus stack. The second component is a novel 2D feature tracking module, which is designed to capture small details, which can not be recorded within a volumetric representation. The evaluation of the system shows that the application of view planning can still significantly reduce the time required for scene exploration and provide similar amounts of detail as an unplanned approach. Some future improvements are suggested, which may enable the system to capture even more detail.
Information Visualization Interface on Home Router Traffic Data for Laypersons
Proceedings of the Working Conference on Advanced Visual Interfaces AVI 2020
International Conference on Advanced Visual Interfaces (AVI) <2020, online>
With the aim to increase the awareness of the everyday internet user for the own home network traffic, we present two interactive visualization interfaces for visual exploration of home router traffic records. Thereby we differentiate between users with a present intrinsic motivation for the topic and those with absent intrinsic motivation. Therefore, gamification in the first interface is used to maintain motivation of the first type of user, while the storytelling concept based on the hero's journey in the second interface aims at increasing the perceived incentives for the second user group.