Title: SECURITY VISUALIZATION INFRASTRUCTURES, TECHNIQUES, AND METHODOLOGIES FOR IMPROVED ENTERPRISE SECURITY
PhD Candidate: Fatma Ferda Özdemir
Program: Information Systems Department
Date: 17 June 15:30
Place: Conference Hall-01
Abstract: This thesis presents research focused on providing designs that allow the security status of enterprises to be monitored at the organization level. The audience of this research is all enterprise-level IT and security experts, as well as other users who may be engaged with security visualization designs, including top-level management. Numerous tools and programs are used to analyze and overcome the security vulnerabilities of organizations. However, the outputs of these programs are rarely understood clearly. During the research, existing security visualization requirements and designs are examined, along with the corresponding technologies used for security visualization. To keep the work user-centric, a visualization requirements survey is conducted. The results of the literature review and the survey are converted into a substantial requirement set for a generic enterprise security visualization infrastructure. This infrastructure is implemented using industry best standards and contemporary big data solutions. The resulting design is validated through expert reviews. Next, one of the favorite security visualization subjects for enterprises, namely web application security, is addressed. A dashboard-type holistic design for visualizing black-box vulnerability test results is proposed, along with forty-plus metrics and measures. In parallel with this part of the study, SIEM systems are also examined for their custom data visualization capabilities. Finally, security management issues for organizations are addressed. In this part of the study, a decision support system for the optimization of security costs is proposed; it relies on analytical methods and uses treemap-type visualizations to show the threats, risks, corresponding precautions, and costs. A real-world case study is used to demonstrate the benefits of this system.