Visual Analytics for Cybersecurity Education and Training

OŠLEJŠEK Radek. Visual Analytics for Cybersecurity Education and Training. Brno: Faculty of Information Technology BUT, 2022.
Keywords: cyber security, cyber range, exercise, training, analysis, visual analytics, visualization.


The increasing number of security threats leads to a growing need to develop new methods for their mitigation. Simultaneously, it is necessary to train more and more experts who would recognize these threats in time. However, comprehension and practical training of cyber-defense processes are challenging. It is not possible to utilize production infrastructures, as these activities would endanger them. Instead, it is necessary to use isolated environments emulating real critical infrastructures. Progress in the development of suitable environments occurred only recently and is associated with the expansion and maturity of cloud technologies. However, the availability of suitable cybersecurity platforms is only one piece of the puzzle. A deeper understanding of cybersecurity processes requires employing efficient data analysis methods capable of providing insight into relationships hidden in the data. In our research, we deal with both interconnected areas. We aim to develop a suitable environment where security experiments and practical training can be conducted and relevant data can be systematically gathered. Simultaneously, we strive to use the data to understand threats and to train mitigation procedures. We use exploratory, visual-based approaches to data analysis.

In this thesis, I aim to provide readers with a comprehensive overview of the results in the field of cybersecurity training platforms and related analytical visualizations that we have achieved over the last seven years. The thesis is structured as a collection of relevant papers accompanied by a commentary that puts our contributions in the context of the state of the art in the area and summarizes our achievements. The thesis consists of two main parts. In the first part, I focus on the different approaches to education and training. Our cloud-based cyber range is presented. Lessons learned from the utilization of the platform for various types of cyber exercises are discussed. The second part contains our achievements in the field of visualizations and exploratory data analysis. Conceptual works mapping the possibilities of visual-analysis methods in this new application domain are presented. Particular visualizations improving the efficiency of hands-on training programs are discussed as well. Our achievements in the forensic investigation of file system metadata are presented along with learning analytics results.
