SIMURG: Strategic intelligent framework for realtime3D visualization and high-altitude analysis of global cyber threats
DOI:
https://doi.org/10.4108/eetinis.13.12740Keywords:
Cyber Attack, Cyber Threat Visualization, WebGL Visualization, Cyber Threat Intelligence, Real-Time Visualization, Situational AwarenessAbstract
The increasing volume and variety of cyber threats on a global scale make it difficult for security analysts to provide real-time situational awareness, pointing out the inadequacy of traditional two-dimensional (2D) visualization approaches. This study proposes SIMURG (Strategic Intelligent Monitoring and Unified Response Graph), a web-based and hardware-independent three-dimensional (3D) visualization system aimed at analyzing global cyber threats in real-time and intuitively. Named after the legendary bird of Turkic mythology to symbolize a sovereign, high-altitude perspective over the digital landscape, the system translates this metaphorical wisdom into a holistic monitoring framework. The system collects and processes cyber threat intelligence and OSINT-based data streams together with their timestamps, and visualizes source-target relationships, attack density, and geographic distributions on an interactive WebGL-based 3D globe. To support situational awareness, threat information is represented using multiple visual attributes, including color, height, and object size. Experimental evaluations indicate that SIMURG maintains an average rendering performance of 43.5 frames per second (FPS) while displaying 3,504 active nodes and up to 1,752 simultaneous attacks. When operating in batch analysis mode, supported by dedicated optimization algorithms, the refresh rate exceeds 144 FPS. In addition, analyses conducted on six months of historical data show that the system can reveal recurring temporal patterns in cyber threats and provide useful insights for operational decision-making.
Downloads
References
[1] W. Rafique, L. Qi, I. Yaqoob, M. Imran, R. U. Rasool, and W. Dou, “Complementing iot services through software defined networking and edge computing: A comprehensive survey,” IEEE Communications Surveys G Tutorials, vol. 22, no. 3, pp. 1761–1804, 2020.
[2] A. Zafar, F. Samad, H. J. Syed, A. O. Ibrahim, M. Alohaly, and M. Elsadig, “An advanced strategy for addressing heterogeneity in sdn-iot networks for ensuring qos,” Applied Sciences, vol. 13, no. 13, p. 7856, 2023.
[3] H. Mateen and M. Shahzad, “Factors effecting businesses due to distributed denial of service (ddos) attack,” in 2021 International Conference on Innovative Computing (ICIC). IEEE, 2021, pp. 1–7.
[4] M. O. Kaya, M. Ozdem, and R. Das, “A new hybrid approach combining gcn and lstm for real-time anomaly detection from dynamic computer network data,” Computer Networks, p. 111372, 2025.
[5] M. A. Ameedeen, R. A. Hamid, T. H. Aldhyani, L. A. K. M. Al-Nassr, S. O. Olatunji, and P. Subramanian, “A framework for automated big data analytics in cybersecurity threat detection,” Mesopotamian Journal of Big Data, vol. 2024, pp. 175–184, 2024.
[6] L. Jiang, A. Jayatilaka, M. Nasim, M. Grobler, M. Zahedi, and M. A. Babar, “Systematic literature review on cyber situational awareness visualizations,” Ieee Access, vol. 10,
pp. 57 525–57 554, 2022.
[7] A. R. Muhammad, P. Sukarno, and A. A. Wardana, “Integrated security information and event management (siem) with intrusion detection system (ids) for live analysis based on machine learning,” Procedia Computer Science, vol. 217, pp. 1406–1415, 2023.
[8] S. Tariq, M. Baruwal Chhetri, S. Nepal, and C. Paris, “Alert fatigue in security operations centres: Research challenges and opportunities,” ACM Computing Surveys, vol. 57, no. 9, pp. 1–38, 2025.
[9] D. G. Havlick and T. H. D. Dao, “Revealing vertical geopolitics: Quantifying the volume of militarised restricted airspaces in the usa using gis,” Transactions of the Institute of British Geographers, vol. 48, no. 4, pp. 797–810, 2023.
[10] H. M. Shakeel, S. Iram, H. Al-Aqrabi, T. Alsboui, and R. Hill, “A comprehensive state-of-the-art survey on data visualization tools: Research developments, challenges and future domain specific visualization framework,” IEEE Access, vol. 10, pp. 96 581–96 601, 2022.
[11] N. Moustafa, N. Koroniotis, M. Keshk, A. Y. Zomaya, and Z. Tari, “Explainable intrusion detection for cyber defences in the internet of things: Opportunities and solutions,” IEEE Communications Surveys G Tutorials, vol. 25, no. 3, pp. 1775–1807, 2023.
[12] Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions,” Electronics, vol. 12, no. 6, p. 1333, 2023.
[13] E. H. Korkut and E. Surer, “Visualization in virtual reality: a systematic review,” Virtual Reality, vol. 27, no. 2, pp. 1447–1480, 2023.
[14] S. Chakraborty, S. K. Pandey, S. Maity, and L. Dey, “Detection and classification of novel attacks and anomaly in iot network using rule based deep learning model,” SN Computer Science, vol. 5, no. 8, p. 1056, 2024.
[15] H. Sonwani, M. Divya, A. Dhawan, A. Mantri, H. Kumar et al., “A comprehensive study on threat intelligence platform,” in 2022 International Conference on Communi-cation, Computing and Internet of Things (IC3IoT). IEEE, 2022, pp. 1–5.
[16] T. F. Ask, K. Kullman, S. Sütterlin, B. J. Knox, D. Engel, and R. G. Lugo, “A 3d mixed reality visualization of network topology and activity results in better dyadic cyber team communication and cyber situational awareness,” Frontiers in big Data, vol. 6, p. 1042783, 2023.
[17] B. Munsinger, N. Beebe, and T. Richardson, “Virtual reality for improving cyber situational awareness in security operations centers,” Computers G Security, vol. 132, p. 103368, 2023.
[18] M.-H. M. Chung, Y. A. Yang, L. Wang, G. Cento, K. Jerath, P. Taank, A. Raman, J. H. Chan, and M. H. Chignell, “Enhancing cybersecurity situation awareness through visualization: A usb data exfiltration case study,” Heliyon, vol. 9, no. 1, 2023.
[19] K. Kim, J. Youn, S. Yoon, J. Kang, K. Kim, and D. Shin, “Study on cyber common operational picture framework for cyber situational awareness,” Applied Sciences, vol. 13, no. 4, p. 2331, 2023.
[20] D. H. Jeong, J.-H. Cho, F. Chen, L. Kaplan, A. Jøsang, and S.-Y. Ji, “Interactive web-based visual analysis on network traffic data,” Information, vol. 14, no. 1, p. 16, 2022.
[21] W. Zong, Y.-W. Chow, and W. Susilo, “Interactive three-dimensional visualization of network intrusion detection data for machine learning,” Future Generation Computer Systems, vol. 102, pp. 292–306, 2020.
[22] L. J. Borges Amaro, B. W. Percilio Azevedo, F. L. Lopes de Mendonca, W. F. Giozza, R. d. O. Albuquerque, and L. J. Garcia Villalba, “Methodological framework to collect, process, analyze and visualize cyber threat intelligence data,” Applied Sciences, vol. 12, no. 3, p. 1205, 2022.
[23] I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “An evaluation framework for network security visualiza-tions,” Computers G Security, vol. 84, pp. 70–92, 2019.
[24] Y. Feng, J. Li, J. Mirkovic, C. Wu, C. Wang, H. Ren, J. Xu, and Y. Liu, “Unmasking the internet: A survey of fine-grained network traffic analysis,” IEEE Communications Surveys G Tutorials, 2025.
[25] D. Clark and B. P. Turnbull, “Interactive 3d visualization of network traffic in time for forensic analysis.” in VISIGRAPP (3: IVAPP), 2020, pp. 177–184.
[26] H. Shiravi, A. Shiravi, and A. A. Ghorbani, “A survey of visualization systems for network security,” IEEE Transactions on visualization and computer graphics, vol. 18, no. 8, pp. 1313–1329, 2011.
[27] H. Ahmad, F. Ullah, and R. Jafri, “A survey on immersive cyber situational awareness systems,” Journal of Cybersecurity and Privacy, vol. 5, no. 2, p. 33, 2025.
[28] V. Cobilean, H. S. Mavikumbure, B. J. Mcbride, B. Vaagensmith, V. K. Singh, R. Li, C. Rieger, andM. Manic, “A review of visualization methods for cyber-physical security: Smart grid case study,” IEEE Access, vol. 11, pp. 59 788–59 803, 2023.
[29] D. H. Jeong, B.-K. Jeong, and S.-Y. Ji, “Multi-resolution analysis with visualization to determine network attack patterns,” Applied Sciences, vol. 13, no. 6, p. 3792, 2023.
[30] G. Bendiab, S. Shiaeles, A. Alruban, and N. Kolokotronis, “Iot malware network traffic classification using visual representation and deep learning,” in 2020 6th IEEE Conference on Network Softwarization (NetSoft). IEEE, 2020, pp. 444–449.
[31] M. Aminu, A. Akinsanya, D. A. Dako, and O. Oyedokun, “Enhancing cyber threat detection through real-time threat intelligence and adaptive defense mechanisms,” International Journal of Computer Applications Technology and Research, vol. 13, no. 8, pp. 11–27, 2024.
[32] K. D. O. Ofoegbu, O. S. Osundare, C. S. Ike, O. G. Fakeyede, and A. B. Ige, “Real-time cybersecurity threat detection using machine learning and big data analytics: A comprehensive approach,” Computer Science G IT Research Journal, vol. 4, no. 3, 2024.
[33] M. Rashed, I. T.-D. Viso, and A. I. González-Tablas, “A comparison of cyber intelligence platforms in the context of iot devices and smart homes,” Electronics, vol. 14, no. 22, p. 4503, 2025.
[34] M. O. Kaya, H. A. Dagdogen, M. Ozdem, and R. Das, “An effective new penetration test approach to detect web attacks on web applications,” Expert Systems with Applications, p. 129623, 2025.
[35] S. Fujii, N. Kawaguchi, T. Shigemoto, and T. Yamauchi, “Extracting and analyzing cybersecurity named entity and its relationship with noncontextual iocs from unstructured text of cti sources,” Journal of Information Processing, vol. 31, pp. 578–590, 2023.
[36] N. Yau, Visualize this: the FlowingData guide to design, visualization, and statistics. John Wiley & Sons, 2024.
[37] O. T. Taofeek, M. Alawida, A. Alabdulatif, A. E. Omolara, and O. I. Abiodun, “A cognitive deception model for generating fake documents to curb data exfiltration in networks during cyber-attacks,” IEEE Access, vol. 10, pp. 41 457–41 476, 2022.
[38] M. Alshehri, A. Abugabah, A. Algarni, and S. Almotairi, “Character-level word encoding deep learning model for combating cyber threats in phishing url detection,” Computers and Electrical Engineering, vol. 100, p. 107868, 2022.
[39] A. Tundis, S. Ruppert, and M. Mühlhäuser, “A feature-driven method for automating the assessment of osint cyber threat sources,” Computers G Security, vol. 113, p. 102576, 2022.
[40] R. Das and M. Soylu, “A key review on graph data science: The power of graphs in scientific studies,” Chemometrics and Intelligent Laboratory Systems, vol. 240, p. 104896, 2023.
[41] G. Yu, C. Liu, T. Fang, J. Jia, E. Lin, Y. He, S. Fu, L. Wang, L. Wei, and Q. Huang, “A survey of real-time rendering on web3d application,” Virtual Reality G Intelligent Hardware, vol. 5, no. 5, pp. 379–394, 2023.
[42] T. N. Alrumaih and M. J. Alenazi, “Cgaad: Centrality-and graph-aware deep-learning model for detecting cyberattacks targeting industrial control systems in critical infrastructure,” IEEE Internet of Things Journal, vol. 11, no. 13, pp. 24 162–24 182, 2024.
[43] C. Wang, J. Caja, E. Gómez, and P. Maresca, “Procedure for calibrating the z-axis of a confocal microscope: Application for the evaluation of structured surfaces,” Sensors, vol. 19, no. 3, p. 527, 2019.
[44] B. Duinkharjav, K. Chen, A. Tyagi, J. He, Y. Zhu, and Q. Sun, “Color-perception-guided display power reduction for virtual reality,” ACM Transactions on Graphics (TOG), vol. 41, no. 6, pp. 1–16, 2022.
[45] M. O. Kaya and R. Das, “Scalable object-relational mod-eling for synthesizing multi-format visual analytics of stix-based cyber threat intelligence data,” EAI Endorsed Transactions on Industrial Networks and Intelligent Sys-tems, vol. 13, no. 2, Jun. 2026.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Resul Das, Muhammed Onur Kaya

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
This is an open-access article distributed under the terms of the Creative Commons Attribution CC BY 3.0 license, which permits unlimited use, distribution, and reproduction in any medium so long as the original work is properly cited.
