
Mastering the Hunt

An interface that abstracts the functional transformations required during the act of hunting malicious intent.

Written by Mike Szegedy

Sketch 1 (1,500 characters)

The art of hunting for malicious activity is a unique process within cybersecurity investigation. Against government and military targets, the attackers often have the resources of nation-states to employ novel TTPs. Commercial tools focus on known attack patterns, alerts, and aggregate data visualization. The available tools that support the exploratory process of the hunt (SiLK, Kibana, etc.) focus on low-level capabilities that are based on unique scripting. They lack an abstraction layer to transform raw data into a form that reveals the presence and trail of an attack. Because the tools are primitive, the solutions are point solutions and scripting languages. These skills are hard to learn and are not transferable.

Sketch 2 (1,500 characters)

As observed during my time with *Government Agency*, the time to train a physical security agent to a state of minimal effectiveness was almost one year, and almost two years to get to the state of a senior asset. When these individuals rotated back to the field, their knowledge and expertise on the subject was lost, and their skills molder over the course of an extended detail elsewhere in the organization. Commercial tools have GUI displays and presentation dashboards because the material is well known and well analyzed.

What have you learned through this sketching process? (1,000 characters)

This domain has been neglected for several reasons. Organizations are often siloed or reticent to share instances of when they identified a previous compromise within their system. The customer base is small, and the need for this type of toolset is not ever-present, unlike more general monitoring tools. By the time analysts have built this expertise, they have rotated out or moved to private industry, as their skillset is rare and highly coveted. Domain expertise is primarily stored in the heads of the analysts and leaves with them (tacit knowledge).

Tell us more about you. (1,000 characters)

I'm a UX designer/researcher at Carnegie Mellon University working at the Software Engineering Institute for a group called CERT. We are an FFRDC sponsored by the DOD. I have had the opportunity to research in many areas of government and military over my time here.

Why are you participating in this Challenge? (750 characters)

It seems like an interesting approach; I observe these issues on a regular basis and am curious to see others' takes on the subject.


What is your experience with the field of cybersecurity?

  • I have considerable experience and/or knowledge in the cybersecurity field.

What best describes you?

  • I’m a professional visual creator affiliated with an organization.

How did you hear about this OpenIDEO Challenge?

  • Someone in my network (word of mouth)

Location: City


Location: State / District


Location: Country

  • United States of America

Attachments (1)


Concept workflow for a path based interface for cybersecurity investigation.


Join the conversation:

Photo of Dima Boulad

Welcome to the challenge, Mike Szegedy, and thank you for your valuable information on the topic of Surveillance. Since this is a Visual Challenge, how would you visualize the concept into a composition, into a visual that tells the story of those tools that can prevent the attacks? Feel free to submit sketches during the ideas phase to benefit from our team of experts who can provide feedback before finalizing your submission!

Photo of Mike Szegedy

I'd like to add the concepts I have, but have been unable to upload through the tools provided.

Photo of Dima Boulad

Hello again! All fixed now. You can now upload images to the challenge, as long as they're not from links, but from your drive. Looking forward to it!

Photo of Mike Szegedy

Thanks, uploaded.