HSViz: Hierarchy Simplified Visualizations for Firewall Policy Analysis
- Authors
- Lee, Hyunjung; Lee, Suryeon; Kim, Kyounggon; Kim, Huy Kang
- Issue Date
- 2021
- Publisher
- IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
- Keywords
- Data visualization; Firewalls (computing); Visualization; Tools; Complexity theory; Licenses; IP networks; Firewall policy visualization; policy analysis; data visualization; rule anomaly detection
- Citation
- IEEE ACCESS, v.9, pp.71737 - 71753
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE ACCESS
- Volume
- 9
- Start Page
- 71737
- End Page
- 71753
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/130139
- DOI
- 10.1109/ACCESS.2021.3077146
- ISSN
- 2169-3536
- Abstract
- Most of the companies have firewalls in order to protect their internal networks and assets from the attacker of the cyber space. Firewall policies should be maintained and organized with high importance. However, considering the length of time needed in analyzing the highly complex policies and the risks of disabling firewall that may arise in case of a false policy setting. It is extremely hard to securely optimize the performance of firewalls. This paper is to suggest a visualization tool that shows the status and the types of policies applied throughout the firewalls so that such difficulties related to the maintenance of firewall policies can be resolved. The proposed tool is designed in six different angles; (1) Hierarchy-view, (2) Anomaly-view, (3) Distributed-view, (4) ANYPolicy-view, (5) SearchResult-view, and (6) Top and Bottom Used-view. The core of the overall function is to facilitate the easy identification of the policy interrelationships. The visualization tool has been tested by being applied across approximately 24 different firewall policies. The processing speed of each function and abuse detection rate were all reviewed positively. By the help of the tool, identifying the services, performance improvement, and visibility of the policy relations, which thereby will lead to better safety in preserving the assets intact. A video of the proposed visualization tool can be found on the web site: https://youtu.be/43OfHN8dteU
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.