Firewall ruleset visualization analysis tool based on segmentation

Hyungseok Kim, Sukjun Ko, Dong Seong Kim, Huy Kang Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

Although most companies operate a firewall to protect their information assets, they have difficulties in identifying the control conditions of firewalls. This study proposes an analysis tool to visualize segment-based firewall rules to facilitate verification of the current control conditions. The proposed visualization tool analyzes the current control conditions of packets automatically, thereby eliminating the need for manual inspection as before, and displays the conditions with a visualization model to allow them to be easily verified. This enables managers to perform fast and accurate verification to assess whether packets are allowed or denied. This present study involved implementing the proposed visualization tool, and simulations were conducted to verify that the proposed approach was achievable. The present study also included conducting interviews with firewall experts whose feedback was positive. A video of the proposed visualization tool can be found on the following web site: https://youtu.be/q4HMnBvXbk.

Original languageEnglish
Title of host publication2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017
EditorsCeleste Lyn Paul, Simon Walton, Sophie Engle, Diane Staheli, Lane Harrison, Nicolas Prigent, Robert Gove
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-8
Number of pages8
ISBN (Electronic)9781538626931
DOIs
Publication statusPublished - 2017 Oct 6
Event14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 - Phoenix, United States
Duration: 2017 Oct 2 → …

Publication series

Name2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017
Volume2017-October

Other

Other14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017
Country/TerritoryUnited States
CityPhoenix
Period17/10/2 → …

Keywords

  • D.1.7 [Software]: PROGRAMMING TECHNIQUES-Visual Programming
  • K.6.5 [Management of Computing and Information Systems]: Security and Protection-Unauthorized access (e.g., hacking, phreaking)

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition

Fingerprint

Dive into the research topics of 'Firewall ruleset visualization analysis tool based on segmentation'. Together they form a unique fingerprint.

Cite this