SIMURG: Strategic intelligent framework for realtime3D visualization and high-altitude analysis of global cyber threats

Authors

DOI:

https://doi.org/10.4108/eetinis.13.12740

Keywords:

Cyber Attack, Cyber Threat Visualization, WebGL Visualization, Cyber Threat Intelligence, Real-Time Visualization, Situational Awareness

Abstract

The increasing volume and variety of cyber threats on a global scale make it difficult for security analysts to provide real-time situational awareness, pointing out the inadequacy of traditional two-dimensional (2D) visualization approaches. This study proposes SIMURG (Strategic Intelligent Monitoring and Unified Response Graph), a web-based and hardware-independent three-dimensional (3D) visualization system aimed at analyzing global cyber threats in real-time and intuitively. Named after the legendary bird of Turkic mythology to symbolize a sovereign, high-altitude perspective over the digital landscape, the system translates this metaphorical wisdom into a holistic monitoring framework. The system collects and processes cyber threat intelligence and OSINT-based data streams together with their timestamps, and visualizes source-target relationships, attack density, and geographic distributions on an interactive WebGL-based 3D globe. To support situational awareness, threat information is represented using multiple visual attributes, including color, height, and object size. Experimental evaluations indicate that SIMURG maintains an average rendering performance of 43.5 frames per second (FPS) while displaying 3,504 active nodes and up to 1,752 simultaneous attacks. When operating in batch analysis mode, supported by dedicated optimization algorithms, the refresh rate exceeds 144 FPS. In addition, analyses conducted on six months of historical data show that the system can reveal recurring temporal patterns in cyber threats and provide useful insights for operational decision-making.

Downloads

Download data is not yet available.

Author Biographies

  • Resul Das, Fırat University, Edinburgh Napier University

    Resul Daş is a Full Professor in the Department of Software Engineering at Firat University, Turkey, and is currently a Visiting Professor and Researcher at the Department of Cyber Security and System Engineering, Edinburgh Napier University, UK, under the TUBITAK 2219 Postdoctoral Research Fellowship program. He received his B.Sc. and M.Sc. degrees in Computer Science from Firat University in 1999 and 2002, respectively, and completed his Ph.D. in Electrical and Electronics Engineering in 2008. From 2017 to 2018, he conducted research as a Postdoctoral Fellow at the University of Alberta, Edmonton, Canada.
    Between 2000 and 2011, he served as a lecturer in the Department of Informatics and concurrently worked as a network and system administrator at the University's IT Center. Since 2002, he has been an instructor in the Cisco Networking Academy Program, delivering CCNA and CCNP courses. Prof. Daş has held significant leadership roles, including Head of the Software Engineering Department (2020–2023). He is a member of the Türk Telekom Science Board and has served as an Academic Consultant for prominent technology firms such as Logo, Netaş, Türk Telekom, and DGH Yazılım on major TUBITAK and Ministry of Industry-supported R&D projects.
    Prof. Daş is globally recognized for his academic contributions, consistently listed among the "World’s Top 2% Most Influential Scientists" by Stanford University researchers for seven consecutive years (2019–2025). According to Google Scholar, he holds an h-index of 31 with over 6100 citations. He serves as an Associate Editor for several prestigious journals, including Internet of Things (Elsevier), Alexandria Engineering Journal (Elsevier), Telematics and Informatics Reports (Elsevier), IEEE Open Journal of the Communications Society (OJ-COMS), and the International Journal of Grid and Utility Computing (Inderscience). Prof. Daş has successfully supervised 8 Ph.D. and 10 M.Sc. students. His research interests include computer networks, cybersecurity, AI-based IoT and systems engineering, graph data science and visualization, and software quality assurance and testing.

  • Muhammed Onur Kaya, Fırat University

    Muhammed Onur Kaya graduated from Firat University, Faculty of Technology, Department of Software Engineering in 2024. He is currently pursuing his MSc in the same department. He achieved second place in the 4th Project Competition Event for Future Engineers Competing with Their Designs. He works in the private sector as a software engineer specializing in artificial intelligence. His research interests include computer networks and security, cybersecurity, software testing, graph data science, and artificial intelligence.

References

[1] W. Rafique, L. Qi, I. Yaqoob, M. Imran, R. U. Rasool, and W. Dou, “Complementing iot services through software defined networking and edge computing: A comprehensive survey,” IEEE Communications Surveys G Tutorials, vol. 22, no. 3, pp. 1761–1804, 2020.

[2] A. Zafar, F. Samad, H. J. Syed, A. O. Ibrahim, M. Alohaly, and M. Elsadig, “An advanced strategy for addressing heterogeneity in sdn-iot networks for ensuring qos,” Applied Sciences, vol. 13, no. 13, p. 7856, 2023.

[3] H. Mateen and M. Shahzad, “Factors effecting businesses due to distributed denial of service (ddos) attack,” in 2021 International Conference on Innovative Computing (ICIC). IEEE, 2021, pp. 1–7.

[4] M. O. Kaya, M. Ozdem, and R. Das, “A new hybrid approach combining gcn and lstm for real-time anomaly detection from dynamic computer network data,” Computer Networks, p. 111372, 2025.

[5] M. A. Ameedeen, R. A. Hamid, T. H. Aldhyani, L. A. K. M. Al-Nassr, S. O. Olatunji, and P. Subramanian, “A framework for automated big data analytics in cybersecurity threat detection,” Mesopotamian Journal of Big Data, vol. 2024, pp. 175–184, 2024.

[6] L. Jiang, A. Jayatilaka, M. Nasim, M. Grobler, M. Zahedi, and M. A. Babar, “Systematic literature review on cyber situational awareness visualizations,” Ieee Access, vol. 10,

pp. 57 525–57 554, 2022.

[7] A. R. Muhammad, P. Sukarno, and A. A. Wardana, “Integrated security information and event management (siem) with intrusion detection system (ids) for live analysis based on machine learning,” Procedia Computer Science, vol. 217, pp. 1406–1415, 2023.

[8] S. Tariq, M. Baruwal Chhetri, S. Nepal, and C. Paris, “Alert fatigue in security operations centres: Research challenges and opportunities,” ACM Computing Surveys, vol. 57, no. 9, pp. 1–38, 2025.

[9] D. G. Havlick and T. H. D. Dao, “Revealing vertical geopolitics: Quantifying the volume of militarised restricted airspaces in the usa using gis,” Transactions of the Institute of British Geographers, vol. 48, no. 4, pp. 797–810, 2023.

[10] H. M. Shakeel, S. Iram, H. Al-Aqrabi, T. Alsboui, and R. Hill, “A comprehensive state-of-the-art survey on data visualization tools: Research developments, challenges and future domain specific visualization framework,” IEEE Access, vol. 10, pp. 96 581–96 601, 2022.

[11] N. Moustafa, N. Koroniotis, M. Keshk, A. Y. Zomaya, and Z. Tari, “Explainable intrusion detection for cyber defences in the internet of things: Opportunities and solutions,” IEEE Communications Surveys G Tutorials, vol. 25, no. 3, pp. 1775–1807, 2023.

[12] Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions,” Electronics, vol. 12, no. 6, p. 1333, 2023.

[13] E. H. Korkut and E. Surer, “Visualization in virtual reality: a systematic review,” Virtual Reality, vol. 27, no. 2, pp. 1447–1480, 2023.

[14] S. Chakraborty, S. K. Pandey, S. Maity, and L. Dey, “Detection and classification of novel attacks and anomaly in iot network using rule based deep learning model,” SN Computer Science, vol. 5, no. 8, p. 1056, 2024.

[15] H. Sonwani, M. Divya, A. Dhawan, A. Mantri, H. Kumar et al., “A comprehensive study on threat intelligence platform,” in 2022 International Conference on Communi-cation, Computing and Internet of Things (IC3IoT). IEEE, 2022, pp. 1–5.

[16] T. F. Ask, K. Kullman, S. Sütterlin, B. J. Knox, D. Engel, and R. G. Lugo, “A 3d mixed reality visualization of network topology and activity results in better dyadic cyber team communication and cyber situational awareness,” Frontiers in big Data, vol. 6, p. 1042783, 2023.

[17] B. Munsinger, N. Beebe, and T. Richardson, “Virtual reality for improving cyber situational awareness in security operations centers,” Computers G Security, vol. 132, p. 103368, 2023.

[18] M.-H. M. Chung, Y. A. Yang, L. Wang, G. Cento, K. Jerath, P. Taank, A. Raman, J. H. Chan, and M. H. Chignell, “Enhancing cybersecurity situation awareness through visualization: A usb data exfiltration case study,” Heliyon, vol. 9, no. 1, 2023.

[19] K. Kim, J. Youn, S. Yoon, J. Kang, K. Kim, and D. Shin, “Study on cyber common operational picture framework for cyber situational awareness,” Applied Sciences, vol. 13, no. 4, p. 2331, 2023.

[20] D. H. Jeong, J.-H. Cho, F. Chen, L. Kaplan, A. Jøsang, and S.-Y. Ji, “Interactive web-based visual analysis on network traffic data,” Information, vol. 14, no. 1, p. 16, 2022.

[21] W. Zong, Y.-W. Chow, and W. Susilo, “Interactive three-dimensional visualization of network intrusion detection data for machine learning,” Future Generation Computer Systems, vol. 102, pp. 292–306, 2020.

[22] L. J. Borges Amaro, B. W. Percilio Azevedo, F. L. Lopes de Mendonca, W. F. Giozza, R. d. O. Albuquerque, and L. J. Garcia Villalba, “Methodological framework to collect, process, analyze and visualize cyber threat intelligence data,” Applied Sciences, vol. 12, no. 3, p. 1205, 2022.

[23] I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “An evaluation framework for network security visualiza-tions,” Computers G Security, vol. 84, pp. 70–92, 2019.

[24] Y. Feng, J. Li, J. Mirkovic, C. Wu, C. Wang, H. Ren, J. Xu, and Y. Liu, “Unmasking the internet: A survey of fine-grained network traffic analysis,” IEEE Communications Surveys G Tutorials, 2025.

[25] D. Clark and B. P. Turnbull, “Interactive 3d visualization of network traffic in time for forensic analysis.” in VISIGRAPP (3: IVAPP), 2020, pp. 177–184.

[26] H. Shiravi, A. Shiravi, and A. A. Ghorbani, “A survey of visualization systems for network security,” IEEE Transactions on visualization and computer graphics, vol. 18, no. 8, pp. 1313–1329, 2011.

[27] H. Ahmad, F. Ullah, and R. Jafri, “A survey on immersive cyber situational awareness systems,” Journal of Cybersecurity and Privacy, vol. 5, no. 2, p. 33, 2025.

[28] V. Cobilean, H. S. Mavikumbure, B. J. Mcbride, B. Vaagensmith, V. K. Singh, R. Li, C. Rieger, andM. Manic, “A review of visualization methods for cyber-physical security: Smart grid case study,” IEEE Access, vol. 11, pp. 59 788–59 803, 2023.

[29] D. H. Jeong, B.-K. Jeong, and S.-Y. Ji, “Multi-resolution analysis with visualization to determine network attack patterns,” Applied Sciences, vol. 13, no. 6, p. 3792, 2023.

[30] G. Bendiab, S. Shiaeles, A. Alruban, and N. Kolokotronis, “Iot malware network traffic classification using visual representation and deep learning,” in 2020 6th IEEE Conference on Network Softwarization (NetSoft). IEEE, 2020, pp. 444–449.

[31] M. Aminu, A. Akinsanya, D. A. Dako, and O. Oyedokun, “Enhancing cyber threat detection through real-time threat intelligence and adaptive defense mechanisms,” International Journal of Computer Applications Technology and Research, vol. 13, no. 8, pp. 11–27, 2024.

[32] K. D. O. Ofoegbu, O. S. Osundare, C. S. Ike, O. G. Fakeyede, and A. B. Ige, “Real-time cybersecurity threat detection using machine learning and big data analytics: A comprehensive approach,” Computer Science G IT Research Journal, vol. 4, no. 3, 2024.

[33] M. Rashed, I. T.-D. Viso, and A. I. González-Tablas, “A comparison of cyber intelligence platforms in the context of iot devices and smart homes,” Electronics, vol. 14, no. 22, p. 4503, 2025.

[34] M. O. Kaya, H. A. Dagdogen, M. Ozdem, and R. Das, “An effective new penetration test approach to detect web attacks on web applications,” Expert Systems with Applications, p. 129623, 2025.

[35] S. Fujii, N. Kawaguchi, T. Shigemoto, and T. Yamauchi, “Extracting and analyzing cybersecurity named entity and its relationship with noncontextual iocs from unstructured text of cti sources,” Journal of Information Processing, vol. 31, pp. 578–590, 2023.

[36] N. Yau, Visualize this: the FlowingData guide to design, visualization, and statistics. John Wiley & Sons, 2024.

[37] O. T. Taofeek, M. Alawida, A. Alabdulatif, A. E. Omolara, and O. I. Abiodun, “A cognitive deception model for generating fake documents to curb data exfiltration in networks during cyber-attacks,” IEEE Access, vol. 10, pp. 41 457–41 476, 2022.

[38] M. Alshehri, A. Abugabah, A. Algarni, and S. Almotairi, “Character-level word encoding deep learning model for combating cyber threats in phishing url detection,” Computers and Electrical Engineering, vol. 100, p. 107868, 2022.

[39] A. Tundis, S. Ruppert, and M. Mühlhäuser, “A feature-driven method for automating the assessment of osint cyber threat sources,” Computers G Security, vol. 113, p. 102576, 2022.

[40] R. Das and M. Soylu, “A key review on graph data science: The power of graphs in scientific studies,” Chemometrics and Intelligent Laboratory Systems, vol. 240, p. 104896, 2023.

[41] G. Yu, C. Liu, T. Fang, J. Jia, E. Lin, Y. He, S. Fu, L. Wang, L. Wei, and Q. Huang, “A survey of real-time rendering on web3d application,” Virtual Reality G Intelligent Hardware, vol. 5, no. 5, pp. 379–394, 2023.

[42] T. N. Alrumaih and M. J. Alenazi, “Cgaad: Centrality-and graph-aware deep-learning model for detecting cyberattacks targeting industrial control systems in critical infrastructure,” IEEE Internet of Things Journal, vol. 11, no. 13, pp. 24 162–24 182, 2024.

[43] C. Wang, J. Caja, E. Gómez, and P. Maresca, “Procedure for calibrating the z-axis of a confocal microscope: Application for the evaluation of structured surfaces,” Sensors, vol. 19, no. 3, p. 527, 2019.

[44] B. Duinkharjav, K. Chen, A. Tyagi, J. He, Y. Zhu, and Q. Sun, “Color-perception-guided display power reduction for virtual reality,” ACM Transactions on Graphics (TOG), vol. 41, no. 6, pp. 1–16, 2022.

[45] M. O. Kaya and R. Das, “Scalable object-relational mod-eling for synthesizing multi-format visual analytics of stix-based cyber threat intelligence data,” EAI Endorsed Transactions on Industrial Networks and Intelligent Sys-tems, vol. 13, no. 2, Jun. 2026.

Downloads

Published

07-07-2026

How to Cite

1.
Das R, Kaya MO. SIMURG: Strategic intelligent framework for realtime3D visualization and high-altitude analysis of global cyber threats. EAI Endorsed Trans Ind Net Intel Syst [Internet]. 2026 Jul. 7 [cited 2026 Jul. 8];13(3). Available from: https://publications.eai.eu/index.php/inis/article/view/12740

Most read articles by the same author(s)