Welcome to 15th IEEE Symposium on Visualization for Cyber Security
VizSec 2018 will be held in Berlin, Germany in conjunction with IEEE VIS on Monday October 22nd. VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Questions? Please email email@example.com for questions regarding VizSec 2018.
VizSec Poster and Demo Fast Forward
Paper Session: Networks and Privacy
Birds-of-a-Feather Lunchtime Discussion: “Transition: The Power of Adaptation and Accommodation”
Paper Session: Analytics
Paper Session: Malware Analysis
Paper Session: Short Papers
Dr Sandro Gaycken
Senior Researcher and Director of the Digital Society Institute
Dr Sandro Gaycken is founder and director of the Digital Society Institute at ESMT Berlin. He has published five scientific monographs, three on cyberwarfare, and more than 60 other scientific publications on cybersecurity. Sandro is an Oxford Martin School Fellow, a program committee member of Harvard-MIT’s annual conference series on cyber defense and cyber norms, a Senior Advisor for the AI Initiative at Harvard Kennedy School, co-lead “Programme Transverse Sécurité Défense, Sec. Cybersecurity” at elite French university CNAM, an EastWest Senior Fellow, a Senior Fellow of the German Council on Foreign Relations, a member of the Conversation Circle Intelligence Services in Germany, and an IEEE permanent reviewer. As an advisor to the German government, he developed the German foreign cyber policy strategy, testified numerous times in German parliament, and conducted many parliamentary dialogues. He was instrumental in bringing about the German chancellory’s German-Chinese No-Spy agreement, in the White House USTR’s effort to mitigate industrial espionage, and in IAEA and G8 efforts to control nuclear cybersecurity. In cyber military affairs, Sandro served as part of the German MoD’s cyber defense white book process, and moderated interdepartmental cyber coordination efforts. He serves as an expert witness in NATO military cyber counterintelligence cases, and as director in NATO’s SPS program, which develops and implements national cyberdefense strategies and technologies in the Middle East region. As an industrial advisor, Sandro has conducted nine major industry studies, ranging from smartgun and semiconductor component security assessments to strategic industry development issues. He advises large German cyber investors such as ammer!partners and Allianz ventures, developed Allianz’s cyber risk assessment methodology, and produced a buyer’s guide for the German DIHK and SME community, which lists 120 external criteria to assess the security quality of an IT-product. Sandro also founded the high assurance security company SECURE ELEMENTS Ltd., which offers impenetrable embedded systems and highly secure execution environments. Devoted to an open discourse and public enlightenment, he writes frequent op-eds in leading German newspapers like Handelsblatt, FAZ, Süddeutsche, and DIE ZEIT, and he comments regularly on cyber matters on mainstream media outlets such as Tagesschau, Heute, NTV, N24, CNN, BBC, Bloomberg, Forbes, The Economist, The Guardian, The Times, Wired, Vanity Fair, and Al Jazeera.
poster viewing will be in the Foyers room on Wednesday 5:20-7:00 PM during the main VIS power session
- Doing User Behaviour Analytics through Interactive Visual User Profiles by Phong H. Nguyen, Siming Chen, Natalia Andrienko, Gennady Andrienko, Olivier Thonnard, Cagatay Turkay
- Designing Visualisation Enhancements for SIEM Systems by Phong H. Nguyen, Siming Chen, Natalia Andrienko, Michael Kamp, Linara Adilova, Gennady Andrienko, Olivier Thonnard, Alysson Bessani, Cagatay Turkay
- Visual Content Privacy Leaks on Social Media Networks by Jasmine DeHart, Christan Grant
- Email Campaign Explorer for Detecting Malicious Email Campaigns by Awalin Sopan, Parnian Najafi
- A Set Visualization Tool for Network Metadata Exploration and Threat Hunting by Brett Fouss, Dennis Ross, Shannon Robinson, Kenneth Alperin
- Exploring the role of experts’ knowledge in visualizations for cyber security by Fabian Böehm, Noëlle Rakotondravony, Günther Pernul, Hans P. Reiser
- Towards Bridging the Gap Between Visual Cybersecurity Analytics and Non-Experts by Means of User Experience Design by Marija Schufrin, Alex Ulmer, David Sessler, Jörn Kohlhammer
- Multi-layer Onion-ring Visualization of Distributed Clusters for SmartX Multiview Visibility and Security by Jun-Sik Shin, Muhammad Usman, JongWon Kim
- An Exploration of User Centered and System Based Approaches to Cyber Situation Awareness by Margaret Varga, Carsten Winkelhotz, Susan Träeber-Burdin
- Visualizing Remote Network Reactions with Firewall Probe by Hyuga Kobayashi, Hideya Ochiai, Hiroshi Esaki
Call for Papers
The 15th IEEE Symposium on Visualization for Cyber Security (VizSec) brings together researchers and practitioners from academia, government, and industry to address the needs of the cyber security community through new and insightful visualization and analysis techniques. VizSec provides an excellent venue for fostering greater exchange and new collaborations on a broad range of security- and privacy-related topics. VizSec will be held in Berlin, Germany in conjunction with IEEE VIS, on Monday, October 22nd, 2018.
VizSec explores effective and scalable visual interfaces for security domains such as network security, computer forensics, reverse engineering, insider threat detection, cryptography, privacy, user assisted attacks prevention, compliance management, wireless security, secure coding, and penetration testing.
VizSec solicits both full and short papers, both of which will be published in the proceedings that will be published by IEEE. Authors of accepted papers must guarantee that their papers will be presented at the conference.
Full papers describing novel contributions in security visualization are solicited. Papers may present techniques, applications, theory, analysis, experiments, or evaluations. We encourage the submission of papers on technologies and methods that improve cyber security practices, including, but not limited to:
- Situation awareness and/or understanding
- Incident handling including triage, exploration, correlation, and response
- Computer forensics
- Recording and reporting results of investigations
- Assisting proactive security configuration and deployment
- Reverse engineering and malware analysis
- Vulnerability management
- Multiple data source analysis
- Analyzing information requirements for computer network defense
- Evaluation and/or user testing of VizSec systems
- Criteria for assessing the effectiveness of cyber security visualizations (whether from a security goal perspective or a human factors perspective)
- Modeling system and network behavior
- Modeling attacker and defender behavior
- Studying risk and impact of cyber attacks
- Predicting future attacks or targets
- Security metrics and education
- Software security
- Mobile application security
- Social networking privacy and security
When applicable, visualization and interaction techniques that effectively capture the insights of human analysts and/or allow analysts to collaborate efficiently are particularly desirable.
Submissions including tests and evaluations of existing tools and techniques are also considered particularly desirable. If possible, making the data used for the tests available will also be considered positively. If you do not have real-world data to demonstrate your visualization, you may be interested in looking at the VizSec Data Sets page.
Short papers describing practical applications of security visualization are solicited. We encourage the submission of papers discussing the introduction of cyber security visualizations into operational context, including, but not limited to:
- Cases where visualization made positive contributions towards meeting operational needs
- Gaps or negative outcomes from visualization deployments
- Situations where visualization was not utilized, but could have had a positive impact
- Lessons learned from operational engagements
- Insights gained from the transition process
Cyber security practitioners from industry, as well as the research community, are encouraged to submit case studies.
Poster submissions may showcase late-breaking results, work in progress, preliminary results, or visual representations relevant to the VizSec community. The poster program will be a great opportunity for the authors to interact with the attendees and solicit feedback. Accepted poster abstracts will be made available on the VizSec website.
There will be an award for the best paper from the accepted program. This award will be given to the paper judged to have the highest overall quality as determined by the program committee. Key elements of the selection process include whether papers include evaluation, repeatable results, and open-source data or software. Both full and short papers are eligible.
Thanks to the generous support of Two Six Labs, the best paper awardee will receive a $100 Amazon gift card!
The VizSec 2018 proceedings will be published by IEEE. Submissions must be formatted using the IEEE "Conference Style" template that can be found at:
All submissions must be in PDF format.
After logging in, click the submissions link on the top navigation bar. Select Society: VGTC, Conference: VizSec 2018
Note Posters will be submitted via email instead of PCS. For more information, please see the Posters section below.
Full Papers should be at most 8 pages including the bibliography and appendices. Short papers should be at most 4 pages including the bibliography and appendices.
All papers will be peer-reviewed by at least 3 members of the program committee. Committee members are not required to read the appendices or any pages past the maximum. Submissions not meeting these guidelines will be rejected without consideration of their merit.
Reviews are single-blind, so authors may include names and affiliations in their submissions. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings.
To submit a poster, please email an extended abstract as a PDF attachment to firstname.lastname@example.org and include the author names and affiliations in the email body. Extended abstract should be at most 2 pages including the bibliography. Poster abstracts will be reviewed by the Poster Chair(s) and other members of the organizing committee to determine relevance to the VizSec community.
Accepted authors must present a corresponding poster during the workshop. The poster authors can determine the layout by themselves, but the dimensions of the posters should not exceed the A0 space (841mm x 1189mm or 33.1" x 46.8"). Additionally, poster authors are requested to give a brief oral preview during a plenary "fast forward" session.
Accepted poster abstracts will be made available on this website.
Thanks to the generous donations of our sponsors, we are delighted to announce that we will be offering several VizSec 2018 Diversity Scholarship awards to help cover the costs of attending VizSec. This scholarship award covers full week registration plus a small stipend to help offset travel costs.
All VizSec attendees may apply for the diversity scholarships except for those from a country on the OFAC sanctions list at:
Applicants must submit a cover letter and curriculum vitae in PDF format. The cover letter should discuss your eligibility for this scholarship and how you would benefit from attending VizSec 2017. It should be no more than 2 pages (letter size) with at least 1 inch margins and 11pt or larger font.
Applications will also be asked to answer the following questions:
- Have you ever attended VizSec or VIS before? If so, when?
- Are you currently a student? If so, please specify the degree and subject area you are working on, and where.
- Are you from an underrepresented group in computer science? If so, please specify.
- Please let us know your country or countries of citizenship, and the country and city you will be traveling from.
To apply for this scholarship, login or create an account at:
After logging in, click the "new submissions" link on the top navigation bar and look for the link for "Submit to VizSec 2018 Diversity Scholarship" in the list under the "VIS 2018" heading.
The application deadline is August 22, 2018 at 5:00pm PDT. Awardees will be notified by September 04, 2018, and must register for the conference by the early registration deadline on September 7, 2018.
General Chair Chair
MIT Lincoln Laboratory
Celeste Lyn Paul,
US Department of Defense
United States Army
Pacific Northwest National Laboratory
Two Six Labs
US Department of Defense
- Marco Angelini Sapienza University of Rome
- Dustin Arendt Pacific Northwest National Laboratory
- Daniel Best Pacific Northwest National Laboratory
- Lauren Bradel U.S. Department of Defense
- Andrea Brennen In-Q-Tel
- Laurin Buchanan Secure Decisions
- Bram Cappers University of Technology Eindhoven (Tu/e)
- Siming Chen Peking University
- Ann Cox U.S. Department of Homeland Security
- Sophie Engle University of San Francisco
- Fabian Fischer University of Konstanz
- Carrie Gates Securelytix
- John Gerth Stanford University
- Mohammad Ghoniem Luxembourg Institute of Science and Technology
- Robert Gove Two Six Labs
- Lane Harrison Worcester Polytechnic Institute
- Christopher Humphries INRIA
- Jörn Kohlhammer Fraunhofer IGD
- Philip Legg University of the West of England
- Timothy Leschke U.S. Department of Defense, Johns Hopkins University
- Kristen Liggett Air Force Research Laboratory
- Frédéric Majorczyk DGA
- Raffael Marty Loggly
- Sean McKenna University of Utah
- Chris Muelder Google
- Stephen North Infovisible, LLC
- Celeste Paul U.S. Department of Defense, University of Maryland
- Nicolas Prigent LSTI
- Noëlle Rakotondravony Universität Passau
- Rosa Romero-Gómez Uncharted Field Services Corporation
- Giuseppe Santucci University of Rome "La Sapienza"
- Graig Sauer U.S. Department of Defense, Towson University
- Christopher Simpson National University
- Awalin Sopan FireEye, Inc.
- Diane Staheli MIT Lincoln Laboratory
- Sebastien Tricaud Splunk
- David Trimm University of Maryland, Baltimore County (UMBC)
- Kirsten Whitley U.S. Department of Defense
- Joseph Yuen Defence Science Technology Organisation
Two Six Labs
Two Six Labs invents, prototypes and engineers breakthrough technologies for government and industry, with broad commitments in multiple areas of technological innovation. Two Six Labs' projects range from situational awareness interfaces for cyber operators to distributed sensor networks, from machine learning models that learn to reverse engineer malware to embedded devices that enable and protect our nation's warfighters.
Open Position(s): Front End Software Engineer
PUNCH is a boutique cyber-consulting firm that provides advanced analytics and strategic support to government and commercial clients. Our primary focus is in improving an organization’s awareness of and ability to manage a growing cyber threat environment. We focus on bolstering cyber preparedness by improving an organization’s analysts and the tools at their disposal.
Fraunhofer IGD is one of the world’s leading institutes for applied research in Visual Computing, including computer graphics, computer vision, as well as virtual and augmented reality. We are part of Germany's largest research network on cyber-security for IT-based systems called CRISP, where IGD is responsible for user-centered visual analytics and biometric procedures.
Data Machines Corp
Data Machines Corp. is a small company dedicated to researching and advancing the state of the art in data analytics, multi-user cloud data analytic architectures, and large scale data processing pipelines.
Open Position(s): Data Machines Jobs
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.