Magnifying glassVizSec 2021

Welcome to 18th IEEE Symposium on Visualization for Cyber Security

VizSec 2021 will be held in conjunction with IEEE VIS on October 27, 2021. VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.

To register for VizSec, see the IEEE VIS registration page.

Questions? Please email for questions regarding VizSec 2021.


All times are Central Time (USA CDT, UTC-5)

08:00 - 09:30
Session 1: Opening, Keynote & Best Paper
moderated by Marco Angelini

08:00 - 08:15
Opening Presentation by Marco Angelini
08:15 - 09:05
Keynote by John Goodall, Oak Ridge National Laboratory.
Please see below for bio.
09:05 - 09:10
Best Paper Introduction by Rosa Romero Gómez
09:10 - 09:30
09:30 - 10:00

10:00 - 11:30
Session 2: Machine Learning & Privacy
moderated by Chris Bryan

10:20- 10:40
BUCEPHALUS: a BUsiness CEntric cybersecurity Platform for proActive anaLysis Using visual analyticS
by Marco Angelini, Graziano Blasilli, Silvia Bonomi, Simone Lenti, Alessia Palleschi, Giuseppe Santucci, Emiliano De Paoli
10:40- 11:00
Decision Support for Sharing Data Using Differential Privacy
by Mark F. St. John, Grit Denker, Peeter Laud, Karsten Martiny, Alisa Pankova, Dusko Pavlovic
11:00- 11:15
SAGE: Intrusion Alert-driven Attack Graph Extractor (short paper)
by Azqa Nadeem, Sicco Verwer, Shanchieh Jay Yang
11:15- 11:30
11:30 - 12:00

12:00 - 13:15
Session 3: Threat Detection, Computer Forensics & Software Vulnerability Analysis
moderated by Rosa Romero Gómez

12:00 - 12:20
Developing Visualisations to Enhance an Insider Threat Product: A Case Study
by Martin Graham, Robert Kukla, Oleksii Mandrychenko, Darren Hart, Jessie B Kennedy
12:20 - 12:40
Visual Decision-Support for Live Digital Forensic Investigations
by Fabian Böhm, Ludwig Englbrecht, Sabrina Friedl, Guenther Pernul
12:40 - 13:00
User-Centered Design of Visualizations for Software Vulnerability Reports
by Steven Lamarr Reynolds, Tobias Mertz, Steven Arzt, Jörn Kohlhammer

13:15 - 13:20
Poster Session
moderated by Awalin Sopan and Steven Gomez

Best Poster Award Interactive, Visual Uncertainty Quantification for Encrypted Network Traffic Situation Awareness
by Harry Li, Allan Wollaber
Abstract Poster
Interactive Process Tree Analysis: Exploring the Behaviour of Processes with Visual Analytics for Security Operators
by Robert-Carl Rapp, Franziska Becker, Christoph Müller, Paolo Palumbo
Abstract Poster
Design of Privacy Preservation System in Augmented Reality
by Yoonsang Kim, Saeed Boorboor, Amir Rahmati, Arie Kaufman
Abstract Poster

13:20 - 13:30
Closing Session
moderated by Marco Angelini

Your feedback is very welcome. Please fill out this survey: or contact us via email: Thank you very much and see you next year!


Lessons learned from 17 years of VizSec research

John Goodall
Oak Ridge National Laboratory

John Goodall

John Goodall is a Research Scientist in the Cyber Resilience and Intelligence Division in the National Security Sciences Directorate at Oak Ridge National Laboratory. There, he leads the Augmented Analyst Intelligence group. His research experience and interests include: visual analytics, information visualization, human-computer interaction, computer network defense, and computer-supported cooperative work; he is particularly interested in the intersection between these areas. His work has included research into the work practice and collaborative work flows among Computer Network Defense analysts and the design of systems to facilitate the exploration and knowledge building activities inherent in that domain. He served as the Chair of the Symposium on Visualization for Cyber Security (VizSec) in 2007 and 2008.

VizSec 2021 Call for Papers

The 18th IEEE Symposium on Visualization for Cyber Security (VizSec) is a forum that brings together researchers and practitioners from academia, government, and industry to address the needs of the cyber security community through new and insightful visualization and analysis techniques. VizSec provides an excellent venue for fostering greater exchange and new collaborations on a broad range of security- and privacy-related topics.

VizSec will take place on October 27, 2021, in conjunction with the 2021 IEEE VIS conference, giving VizSec authors and attendees enhanced access to IEEE VIS, the premier forum for advances in theory, methods, and applications of visualization and visual analytics. As the 2021 IEEE VIS conference will again be virtual, the VizSec program will also be presented in an online format with virtual presentations.

The purpose of VizSec is to explore effective and scalable visual interfaces for security domains such as network security, computer forensics, reverse engineering, insider threat detection, cryptography, privacy, user assisted attacks prevention, compliance management, wireless security, secure coding, and penetration testing.

Technical Papers

Full papers describing novel contributions in security visualization are solicited. Papers may present techniques, applications, theory, analysis, experiments, or evaluations. We encourage the submission of papers on technologies and methods that promise to improve cyber security practices, including, but not limited to:

  • Situation awareness and/or understanding
  • Incident handling including triage, exploration, correlation, and response
  • Computer forensics
  • Machine learning & explainable AI for cybersecurity
  • Adversarial machine learning visualization
  • Adversarial visualization
  • Visual analytics for cybersecurity
  • Data protection & privacy
  • Blockchain performance & security
  • Cybersecurity in critical infrastructure
  • Collaborative visualization for cybersecurity & provenance
  • Recording and reporting results of investigations
  • Assisting proactive security configuration and deployment
  • Reverse engineering and malware analysis
  • Vulnerability management
  • Multiple data source analysis
  • Analyzing information requirements for computer network defense
  • Evaluation and/or user testing of VizSec systems
  • Criteria for assessing the effectiveness of cyber security visualizations (whether from a security goal perspective or a human factors perspective)
  • Modeling system and network behavior
  • Modeling attacker and defender behavior
  • Studying risk and impact of cyber attacks
  • Predicting future attacks or targets
  • Security metrics
  • Software security
  • Mobile application security
  • Social networking privacy and security
  • Training & education

Submissions including tests and evaluations of the proposed tools and techniques are also considered particularly desirable. If possible, making the data used for the tests available will also be considered positively. If you do not have real-world data to demonstrate your visualization, you may be interested in looking at the VizSec dataset links. Please see past years proceedings and websites to see the quality and examples of previous submissions. Previous VizSec papers may also be found on the VizSec Papers Browser and on IEEE Xplore.

Short Papers

Short papers describing initial research results, concise research contributions or incremental work on the above topics, even including practical applications of security visualization, are solicited. We encourage the submission of papers discussing the introduction of cyber security visualizations into operational context, including, but not limited to:

  • Cases where visualization made positive contributions towards meeting operational needs
  • Gaps or negative outcomes from visualization deployments
  • Situations where visualization was not utilized, but could have had a positive impact
  • Lessons learned from operational engagements
  • Insights gained from the transition process

Cyber security practitioners from industry, as well as the research community, are encouraged to submit case studies.

Position Papers

Position papers focus on topics needing or calling for discussion or reconsideration of forgotten topics relevant for the VizSec community. They should report a clear position on the target topic and should also suggest a proposal or actions regarding the target topic. They should stimulate imaginative and hypothesis-driven research. In particular, we encourage submissions both from researchers inside the visualization community and outside, such as researchers and practitioners from pure cybersecurity domains who currently do not broadly employ visualization in their work.


Poster submissions may showcase late-breaking results, work in progress, preliminary results, or visual representations relevant to the VizSec community. In line with the full conference, the presentation of posters will take place online. There will be 1-2 dedicated poster sessions in which poster authors can virtually meet and discuss their work with conference participants. An additional web presence of posters will replace the traditional physical installation of poster boards. More concrete details will follow soon.


There will be an award for the best full paper from the accepted program. This award will be given to the paper judged to have the highest overall quality as determined by the program committee. Key elements of the selection process include whether papers include evaluation, repeatable results, and open-source data or software. Authors of the best paper will be invited for submission to Transactions on Visualization and Computer Graphics.

There will also be an award for Best Poster. This award will recognize authors’ efforts to clearly present their work to the audience. The award will be determined by anonymous judges and given to recipients at the end of the conference.


The VizSec 2021 Proceedings will be published by IEEE. Submissions must be formatted using the IEEE VGTC conference proceedings template that can be found at:

VizSec full papers are limited to 9 pages of content plus an additional 2 pages of references. Papers may be shorter than this but must make a similar contribution to a longer paper. Reviewers are not required to read the appendices or any pages past the maximum. Short papers should be at most 4 pages plus 1 page of references. Position papers may be up to 4 total pages including references. Posters should be 2 page abstracts, including references. Presenters are also encouraged to submit an accompanying video or other supplementary materials by following the IEEE VIS formatting guidelines.

Submissions not meeting these guidelines will be rejected without consideration of their merit. Reviews are single-blind, so authors may include names and affiliations in their submissions. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Authors of accepted papers must guarantee that their papers will be presented at the conference.

Paper submissions:
Go to, then making a new submission to Society: VGTC, Conference/Journal: VIS 2021, Track: VIS 2021 Visualization for Cyber Security (VizSec)

Poster submissions:
Go to, then make a new submission to Society: VGTC, Conference/Journal: VIS 2021 >> Track: VIS 2021 VizSec Posters. Authors of accepted posters will be asked to submit an electronic poster following the IEEE VIS instructions for the posters.

Important Dates

All deadlines are 5:00 PM PST.

Paper deadlines: Extended!

June 21, 2021 June 28, 2021Expired! Submission deadline for full, short, and position papers

July 19, 2021 July 28, 2021Author notifications

Aug 9, 2021 Aug 16, 2021Camera ready submissions and copyright forms due

Poster deadlines: Extended!

July 29, 2021 Aug 04, 2021Expired! Submission deadline for posters

Aug 9, 2021 Aug 16, 2021Author notifications

Sep 01, 2021 Sep 08, 2021Camera-ready abstract, Electronic poster, and Preview Image

VizSec will be held on October 27, 2021.


Organizing Committee

Program Committee

  • Marco Angelini University of Rome "La Sapienza"
  • Kenneth Alperin MIT Lincoln Lab
  • Dustin Arendt Pacific Northwest National Laboratory
  • Daniel Best Pacific Northwest National Laboratory
  • Fabian Böhm Universitat Regensburg
  • Siming Chen Fraunhofer IAIS, University of Bonn
  • Ann Cox Cyber Security Division
  • Aritra Dasgupta New Jersey Institute of Technology
  • Robertas Damaševičiu Department of Computer Science Kaunas, University of Technology Kaunas
  • Sophie Engle University of San Francisco
  • Carie Gates Securelytix
  • John Gerth Stanford University
  • Steven Gomez MIT Lincoln Laboratory
  • John Goodall Oak Ridge National Laboratory
  • Robert Gove Two Six Technologies
  • Lane Harrison Worcester Polytechnic Institute
  • Jörn Kohlhammer Fraunhofer IGD
  • Adarsh Kyadige Sophos
  • Phil Legg University of the West of England
  • Laetitia Leichtnam CentraleSupélec
  • Frédéric Majorczyk DGA-MI
  • Raffael Marty Forcepoint
  • Radek Ošlejšek Masaryk University, Brno
  • Dipakkumar Pravin University of North Texas
  • Nicolas Prigent LSTI
  • Noëlle Rakotondravony Worcester Polytechnic Institute
  • Rosa Romero-Gómez Uncharted Field Services Corporation
  • Dennis Ross MIT Lincoln Laboratory
  • Giuseppe Santucci University of Rome "La Sapienza"
  • Graig Sauer U.S. Department of Defense
  • Christopher Simpson National University
  • Awalin Sopan Sophos
  • Diane Staheli MIT Lincoln Laboratory
  • Sébastien Tricaud Splunk
  • David Trimm U.S. Department of Defense
  • Xumeng Wang Zhejiang University

Steering Committee

  • Dustin Arendt Pacific Northwest National Laboratory
  • Dan Best Herjavec Group
  • Sophie Engle University of San Francisco
  • Robert Gove Two Six Technologies
  • Jörn Kohlhammer Fraunhofer IGD
  • Diane Staheli MIT Lincoln Laboratory