Attacker profiles

Attacker profiles are a good example of the need for stacking because the number of parameters change depending on the situation. Intel provides a set of baseline attacker profiles in this PDF on Threat Agent Risk Assesment ( Download PDF:wp_it_security_riskassessment). But there are cases where perhaps some parameters may not matter. It is necessary to create a visual system that allows for this. By using a unified legend, as described above, where thickness and colour can represent threat level, it becomes possible to represent an attacker profile as a set of stacked circles, in which each parameter is one of the circles. This technique allows extensibility if say, later on, a situation calls for an additional parameter by providing the ability to stack an additional circle. Again, it is important to pay attention to visual hierarchy as parameters that are closer to the outside of a circle are weighted as visually more important. This can be adjusted by arranging the parameters in order of importance, or preference, from inside to outside.

Interface to change parameters of attacker profiles (budget and time) and legend to the profiles.
Interface to change parameters of attacker profiles (budget and time) and legend to the profiles.

A live demo can be found  here