Firewall ruleset visualization analysis tool based on segmentation

Hyungseok Kim, Sukjun Ko, Dong Seong Kim, Huy Kang Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Although most companies operate a firewall to protect their information assets, they have difficulties in identifying the control conditions of firewalls. This study proposes an analysis tool to visualize segment-based firewall rules to facilitate verification of the current control conditions. The proposed visualization tool analyzes the current control conditions of packets automatically, thereby eliminating the need for manual inspection as before, and displays the conditions with a visualization model to allow them to be easily verified. This enables managers to perform fast and accurate verification to assess whether packets are allowed or denied. This present study involved implementing the proposed visualization tool, and simulations were conducted to verify that the proposed approach was achievable. The present study also included conducting interviews with firewall experts whose feedback was positive. A video of the proposed visualization tool can be found on the following web site: https://youtu.be/q4HMnBvXbk.

Original languageEnglish
Title of host publication2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-8
Number of pages8
Volume2017-October
ISBN (Electronic)9781538626931
DOIs
Publication statusPublished - 2017 Oct 6
Event14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 - Phoenix, United States
Duration: 2017 Oct 2 → …

Other

Other14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017
CountryUnited States
CityPhoenix
Period17/10/2 → …

    Fingerprint

Keywords

  • D.1.7 [Software]: PROGRAMMING TECHNIQUES-Visual Programming
  • K.6.5 [Management of Computing and Information Systems]: Security and Protection-Unauthorized access (e.g., hacking, phreaking)

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Vision and Pattern Recognition

Cite this

Kim, H., Ko, S., Kim, D. S., & Kim, H. K. (2017). Firewall ruleset visualization analysis tool based on segmentation. In 2017 IEEE Symposium on Visualization for Cyber Security, VizSec 2017 (Vol. 2017-October, pp. 1-8). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/VIZSEC.2017.8062196