Abstract
Although most companies operate a firewall to protect their information assets, they have difficulties in identifying the control conditions of firewalls. This study proposes an analysis tool to visualize segment-based firewall rules to facilitate verification of the current control conditions. The proposed visualization tool analyzes the current control conditions of packets automatically, thereby eliminating the need for manual inspection as before, and displays the conditions with a visualization model to allow them to be easily verified. This enables managers to perform fast and accurate verification to assess whether packets are allowed or denied. This present study involved implementing the proposed visualization tool, and simulations were conducted to verify that the proposed approach was achievable. The present study also included conducting interviews with firewall experts whose feedback was positive. A video of the proposed visualization tool can be found on the following web site: https://youtu.be/q4HMnBvXbk.
| Original language | English |
|---|---|
| Title of host publication | 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 1-8 |
| Number of pages | 8 |
| Volume | 2017-October |
| ISBN (Electronic) | 9781538626931 |
| DOIs | |
| Publication status | Published - 2017 Oct 6 |
| Event | 14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 - Phoenix, United States Duration: 2017 Oct 2 → … |
Other
| Other | 14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 |
|---|---|
| Country | United States |
| City | Phoenix |
| Period | 17/10/2 → … |
Fingerprint
Keywords
- D.1.7 [Software]: PROGRAMMING TECHNIQUES-Visual Programming
- K.6.5 [Management of Computing and Information Systems]: Security and Protection-Unauthorized access (e.g., hacking, phreaking)
ASJC Scopus subject areas
- Computer Networks and Communications
- Computer Vision and Pattern Recognition
Cite this
Firewall ruleset visualization analysis tool based on segmentation. / Kim, Hyungseok; Ko, Sukjun; Kim, Dong Seong; Kim, Huy Kang.
2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017. Vol. 2017-October Institute of Electrical and Electronics Engineers Inc., 2017. p. 1-8.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Firewall ruleset visualization analysis tool based on segmentation
AU - Kim, Hyungseok
AU - Ko, Sukjun
AU - Kim, Dong Seong
AU - Kim, Huy Kang
PY - 2017/10/6
Y1 - 2017/10/6
N2 - Although most companies operate a firewall to protect their information assets, they have difficulties in identifying the control conditions of firewalls. This study proposes an analysis tool to visualize segment-based firewall rules to facilitate verification of the current control conditions. The proposed visualization tool analyzes the current control conditions of packets automatically, thereby eliminating the need for manual inspection as before, and displays the conditions with a visualization model to allow them to be easily verified. This enables managers to perform fast and accurate verification to assess whether packets are allowed or denied. This present study involved implementing the proposed visualization tool, and simulations were conducted to verify that the proposed approach was achievable. The present study also included conducting interviews with firewall experts whose feedback was positive. A video of the proposed visualization tool can be found on the following web site: https://youtu.be/q4HMnBvXbk.
AB - Although most companies operate a firewall to protect their information assets, they have difficulties in identifying the control conditions of firewalls. This study proposes an analysis tool to visualize segment-based firewall rules to facilitate verification of the current control conditions. The proposed visualization tool analyzes the current control conditions of packets automatically, thereby eliminating the need for manual inspection as before, and displays the conditions with a visualization model to allow them to be easily verified. This enables managers to perform fast and accurate verification to assess whether packets are allowed or denied. This present study involved implementing the proposed visualization tool, and simulations were conducted to verify that the proposed approach was achievable. The present study also included conducting interviews with firewall experts whose feedback was positive. A video of the proposed visualization tool can be found on the following web site: https://youtu.be/q4HMnBvXbk.
KW - D.1.7 [Software]: PROGRAMMING TECHNIQUES-Visual Programming
KW - K.6.5 [Management of Computing and Information Systems]: Security and Protection-Unauthorized access (e.g., hacking, phreaking)
UR - http://www.scopus.com/inward/record.url?scp=85050737555&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85050737555&partnerID=8YFLogxK
U2 - 10.1109/VIZSEC.2017.8062196
DO - 10.1109/VIZSEC.2017.8062196
M3 - Conference contribution
AN - SCOPUS:85050737555
VL - 2017-October
SP - 1
EP - 8
BT - 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017
PB - Institute of Electrical and Electronics Engineers Inc.
ER -