Magnifying glassVizSec 2019

Welcome to 16th IEEE Symposium on Visualization for Cyber Security

VizSec 2019 will be held in Vancouver, Canada in conjunction with IEEE VIS on Wednesday, October 23rd at the Vancouver Convention Centre East (Room 2+3). VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.

To register for VizSec, see the IEEE VIS registration page.

Questions? Please email for questions regarding VizSec 2019.


09:00 09:15 am

Opening Remarks
Remarks by General Chairs: Robert Gove, Dustin Arendt

09:15 10:10 am

Keynote Address

Visualization in an Autonomic World: Establishing Trust, Maintaining Control, and Imparting Resilience by Dr. Chris Oehmen, Pacific Northwest National Laboratory, WA, USA

Please see below for the full abstract and bio.

10:10 10:30 am

Best Paper
Presented By Marco Angelini

Security in Process: Visually Supported Triage Analysis in Industrial Process Data by Anna-Pia Lohfink, Simon D Duque Anton, Hans Dieter Schotten, Heike Leitte, Christoph Garth Best Paper, Featured in TVCG

10:30 10:50 am Coffee Break
10:50 am 12:20 pm

Paper Session: Cyberattack Analysis & Mitigation
Moderated by Sophie Engle

A Visual Analytics Framework for Adversarial Text Generation by Brandon Laughlin, Christopher Collins, Karthik Sankaranarayanan, Khalil El-Khatib

Image-based Malware Classification: A Space Filling Curve Approach by Stephen O’Shaughnessy

SymNav: Visually Assisting Symbolic Execution by Marco Angelini, Graziano Blasilli, Luca Borzacchiello, Emilio Coppa, Daniele Cono D'Elia, Camil Demetrescu, Simone Lenti, Simone Nicchi, Giuseppe Santucci

A Study on Labeling Network Hostile Behavior with Intelligent Interactive Tools by Jorge Luis Guerra, Eduardo Veas, Carlos Adrian Catania

NetCapVis: Web-based Progressive Visual Analytics for Network Packet Captures by Alex Ulmer, David Sessler, Jörn Kohlhammer

PunyVis: A Visual Analytics Approach for Identifying Homograph Phishing Attacks by Brett Fouss, Dennis Ross, Allan Wollaber, Steven R Gomez

12:20 14:20 pm Lunch Break
14:20 14:50 pm

Paper Session: Privacy & Training
Moderated by Chris Bryan

Guess Me If You Can: A Visual Uncertainty Model for Transparent Evaluation of Disclosure Risks in Privacy-Preserving Data Visualization by Aritra Dasgupta, Robert Kosara, Min Chen

Visual Feedback for Players of Multi-Level Capture the Flag Games: Field Usability Study by Radek Ošlejšek, Vit Rusnak, Karolina Burska, Valdemar Švábenský, Jan Vykopal

14:50 15:15 pm

Paper Session: Short Papers
Moderated by Jörn Kohlhammer

An Exploration of Cyber Symbology by Margaret Varga, Carsten Winkelholz, Susan Träber-Burdin

Explainable Visualization of Collaborative Vandal Behaviors in Wikipedia by Siva Sandeep Subramanian, Pushparaj Prakash Parab, Zerong Liu, Aidong Lu

15:15 15:25 pm

Poster Fast Forward
Moderated by Sean McKenna

15:25 15:50 pm

Best Presentation Award, Closing
Moderated by Robert Gove

15:50 16:10 pm

Coffee Break


Dr Chris Oehmen

Dr. Chris Oehmen
Pacific Northwest National Laboratory

Visualization in an Autonomic World: Establishing Trust, Maintaining Control, and Imparting Resilience

The increasingly time-sensitive requirements that bind logical and physical realms is driving an ecosystem of users, software, hardware, and physical systems towards a world where autonomic control is the norm, not the exception. For example, some critical infrastructure components must react to threats and hazards on the time scale of milliseconds but are managed and operated by human practitioners who operate at a seconds-to-hours time scale. From this perspective, hierarchical control that imparts some degree of autonomy on subsystems is therefore essential for operating in the presence of non-innumerable adversarial and natural hazards. But as systems make more of their own decisions, humans have an increasing need for visualization for 1) transparency into autonomous subsystem decision-making; 2) sensing and control; and 3) reasoning over possible future states of the system. Transparency is essential for building trust in autonomous decision making. Understanding current system state is a prerequisite for efficient operation. The ability to reason over possible future states provides a basis for prioritizing proactive and reactive actions to drive overall system survivability and resilience. As long as humans remain in (or on) these decision loops, there will be a need to visualize complex and dynamic state information—reflecting the system’s past, present, and future. As these systems grow in complexity, interconnectedness, and autonomy, new paradigms of visualization will be essential for safe and efficient operation and control.


Chris received his B.A. in physics and mathematics from Saint Louis University in 1995. He earned M.S. and Ph.D. degrees in biomedical engineering from the University of Memphis/University of Tennessee, HSC Joint program in 1999 and 2003, respectively. Since then, he has been at PNNL as a research scientist, previously serving as the lead for the Asymmetric Resilient Cybersecurity Initiative. His research is built on a foundation of high performance computing applications in biology, with special emphasis on how these biological approaches can be used as a new paradigm for other fields such as cybersecurity. He has led multiple efforts focused on adaptive, resilient cyber systems inspired in part by complex biological systems. His resilience and active defense work rely on a foundational application of biological principles for survivability and regeneration with special emphasis on facilitating human control of complex systems.


The poster viewing will be held with the main IEEE VIS poster session on Wednesday 5:10-7:00 PM.

  • Segmentrix: A Network Visualization Tool to Develop and Monitor Micro-Segmentation Strategies by Aditeya Pandey, Larry Chan, Raven Gao, Joy Scott, Brian Staats    Best Poster

  • Cyber Defense Operation using CyCOP: A Cyber Situational Awareness Tool to Support Decision-Making by Sungyoung Cho, Koohyung Kwon, Sungmo Koo, Haengrok Oh

  • Attack Scenario Visualization for Situational Awareness in Cyber Defense Operation by Yongwoo Park Minchul Kim, Hansam Seo, Jaepil Youn, Insung Han, Sungyoung Cho,

Call for Papers

The 16th IEEE Symposium on Visualization for Cyber Security (VizSec) is a forum that brings together researchers and practitioners from academia, government, and industry to address the needs of the cyber security community through new and insightful visualization and analysis techniques. VizSec provides an excellent venue for fostering greater exchange and new collaborations on a broad range of security- and privacy-related topics. VizSec will be held in Vancouver, Canada in conjunction with IEEE VIS, on Wednesday, October 23rd 2019.

This year, VizSec will be more closely integrated with the IEEE VIS program. VizSec will take place during the main week of the conference, giving VizSec authors and attendees enhanced access to IEEE VIS, the premier forum for advances in theory, methods, and applications of visualization and visual analytics.

The purpose of VizSec is to explore effective and scalable visual interfaces for security domains such as network security, computer forensics, reverse engineering, insider threat detection, cryptography, privacy, user assisted attacks prevention, compliance management, wireless security, secure coding, and penetration testing.

Please feel free to download and distribute the call flier.

Technical Papers

Full papers describing novel contributions in security visualization are solicited. Papers may present techniques, applications, theory, analysis, experiments, or evaluations. We encourage the submission of papers on technologies and methods that promise to improve cyber security practices, including, but not limited to::

  • Situation awareness and/or understanding
  • Incident handling including triage, exploration, correlation, and response
  • Computer forensics
  • Machine learning and explainable AI for cybersecurity
  • Visual analytics for cybersecurity
  • Data protection & privacy
  • Blockchain performance & security
  • Cybersecurity in critical infrastructure
  • Recording and reporting results of investigations
  • Assisting proactive security configuration and deployment
  • Reverse engineering and malware analysis
  • Vulnerability management
  • Multiple data source analysis
  • Analyzing information requirements for computer network defense
  • Evaluation and/or user testing of VizSec systems
  • Criteria for assessing the effectiveness of cyber security visualizations (whether from a security goal perspective or a human factors perspective)
  • Modeling system and network behavior
  • Modeling attacker and defender behavior
  • Studying risk and impact of cyber attacks
  • Predicting future attacks or targets
  • Security metrics
  • Software security
  • Mobile application security
  • Social networking privacy and security
  • Training & education

When applicable, visualization and interaction techniques that effectively capture the insights of human analysts and/or allow analysts to collaborate efficiently are particularly desirable.

Submissions including tests and evaluations of existing tools and techniques are also considered particularly desirable. If possible, making the data used for the tests available will also be considered positively. If you do not have real-world data to demonstrate your visualization, you may be interested in looking at the VAST Challenge Data Sets page.

Short Papers

Short papers describing initial research results, concise research contributions or incremental work on the above topics, even including practical applications of security visualization, are solicited. We encourage the submission of papers discussing the introduction of cyber security visualizations into operational context, including, but not limited to:

  • Cases where visualization made positive contributions towards meeting operational needs
  • Gaps or negative outcomes from visualization deployments
  • Situations where visualization was not utilized, but could have had a positive impact
  • Lessons learned from operational engagements
  • Insights gained from the transition process

Cyber security practitioners from industry, as well as the research community, are encouraged to submit case studies.


Poster submissions may showcase late-breaking results, work in progress, preliminary results, or visual representations relevant to the VizSec community. The poster program will be a great opportunity for the authors to interact with the attendees, potentially also through live demos, and solicit feedback. Accepted poster abstracts will be made available on this website.


There will be an award for the best paper from the accepted program. This award will be given to the paper judged to have the highest overall quality as determined by the program committee. Key elements of the selection process include whether papers include evaluation, repeatable results, and open-source data or software. Authors of the best paper will be invited for submission to Transactions on Visualization and Computer Graphics. Both full and short papers are eligible.

There will also be an award for Best Presentation and an award for Best Poster. Each award comes with a $50 USD Amazon gift card thanks to our sponsor, Two Six Labs. These awards will recognize authors’ efforts to clearly and concisely present their work to the audience. The awards will be determined by anonymous judges and given to recipients at the end of the conference.


The VizSec 2019 Proceedings will be published by IEEE. Submissions must be formatted using the IEEE VGTC conference proceedings template that can be found at: VizSec uses the Precision Conference System (PCS) to handle paper and poster submissions and the reviewing processes.

VizSec full papers are limited to 9 pages of content plus an additional 2 pages of references. Papers may be shorter than this but must make a similar contribution to a longer paper. Reviewers are not required to read the appendices or any pages past the maximum. Short papers should be at most 4 pages plus 1 page of references. Posters should be 2 page abstracts.

Posters should be 2 page abstracts including references. Accepted poster authors must present a corresponding poster during VizSec. The poster authors can determine the layout by themselves, but the dimensions of the posters should not exceed the A0 space (841mm x 1189mm or 33.1" x 46.8"). Additionally, poster authors are requested to give a brief oral preview during a "fast forward" session.

Submissions not meeting these guidelines will be rejected without consideration of their merit. Reviews are single-blind, so authors may include names and affiliations in their submissions. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Authors of accepted papers must guarantee that their papers will be presented at the conference.

VizSec uses the Precision Conference System (PCS) to handle their paper and poster submissions and reviewing processes.

Important Dates

All deadlines are 5:00 PM PST.

June 19 2019 (Extended!) Submissions due for Full and Short Papers

July 19 2019 Author notification for Full and Short Papers

August 10 2019 Fast forward deadline

August 15 2019 Camera ready submission and copyright forms

August 3 2019 Submissions due for Poster Abstracts

August 17 2019 Author notification for Posters

October 23 2019 VizSec 2019


Organizing Committee

Program Committee

  • Marco Angelini Sapienza University of Rome
  • Andrea Brennen In-Q-Tel
  • Laurin Buchanan Secure Decisions
  • Bram Cappers University of Technology Eindhoven (Tu/e)
  • Siming Chen Fraunhofer IAIS
  • Ann Cox U.S. Department of Homeland Security, Cyber Security Division
  • Sophie Engle University of San Francisco
  • Fabian Fischer University of Konstanz
  • Carrie Gates Securelytix
  • John Gerth Stanford University
  • Mohammad Ghoniem Luxembourg Institute of Science and Technology
  • John Goodall Oak Ridge National Laboratory
  • Robert Gove Two Six Labs
  • Lane Harrison Worcester Polytechnic Institute
  • Christopher Humphries INRIA
  • Jörn Kohlhammer Fraunhofer IGD
  • Philip Legg University of the West of England
  • Laetitia Leichtnam CentraleSupélec
  • Timothy Leschke Johns Hopkins University
  • Frédéric Majorczyk DGA
  • Raffael Marty Loggly
  • Sean McKenna University of Utah
  • Stephen North Infovisible, LLC
  • Celeste Paul U.S. Department of Defense, University of Maryland
  • Nicolas Prigent LSTI
  • Noëlle Rakotondravony Universität Passau
  • Rosa Romero-Gómez Uncharted Field Services Corporation
  • Giuseppe Santucci University of Rome "La Sapienza"
  • Graig Sauer U.S. Department of Defense, Towson University
  • Awalin Sopan Sophos
  • Sebastien Tricaud Devo
  • David Trimm U.S. Department of Defense

Steering Committee

Greg Conti, IronNet Cybersecurity

Deborah Frincke, National Security Agency

John Gerth, Stanford University

John Goodall, Oak Ridge National Laboratory

Lane Harrison, Worcester Polytechnic Institute

Kwan-Liu Ma, University of California at Davis

Kirsten Whitley, U.S. Department of Defense

Sophie Engle, University of San Francisco

Diane Staheli, MIT Lincoln Laboratory