The Visual Analytics Approach for Analyzing Trajectories of Critical Infrastructure Employers

• Main Authors: Evgenia Novikova, Igor Kotenko, Ivan Murenin
• Format: Article
• Language: English
• Published: MDPI AG 2020-08-01
• Series: Energies
• Subjects: visual analytics; data mining; moving entities; route patterns; anomaly detection; self-organizing Kohonen maps
• Online Access: https://www.mdpi.com/1996-1073/13/15/3936

Employees of different critical infrastructures, including energy systems, are considered to be a security resource, and understanding their behavior patterns may leverage user and entity behavior analytics and improve organization capabilities in information threat detection such as insider threat and targeted attacks. Such behavior patterns are particularly critical for power stations and other energy companies. The paper presents a visual analytics approach to the exploratory analysis of the employees’ routes extracted from the logs of the access control system. Key elements of the approach are interactive self-organizing Kohonen maps used to detect groups of employees with similar movement trajectories, and heat maps highlighting possible anomalies in their movement. The spatiotemporal patterns of the routes are presented using a Gantt chart-based visualization model named BandView. The paper also discusses the results of efficiency assessment of the proposed analysis and visualization models. The assessment procedure was implemented using artificially generated and real-world data. It is demonstrated that the suggested approach may significantly increase the efficiency of the exploratory analysis especially under the condition when no prior information on existing employees’ moving routine is available.