Practical firewall policy inspection using anomaly detection and its visualization
- Authors
- Kim, Ui-Hyong; Kang, Jung-Min; Lee, Jae-Sung; Kim, Hyong-Shik; Jung, Soon-Young
- Issue Date
- 7월-2014
- Publisher
- SPRINGER
- Keywords
- Firewall; Policy; Anomaly; Visualization; FPA; FPC
- Citation
- MULTIMEDIA TOOLS AND APPLICATIONS, v.71, no.2, pp.627 - 641
- Indexed
- SCIE
SCOPUS
- Journal Title
- MULTIMEDIA TOOLS AND APPLICATIONS
- Volume
- 71
- Number
- 2
- Start Page
- 627
- End Page
- 641
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/98062
- DOI
- 10.1007/s11042-013-1673-8
- ISSN
- 1380-7501
- Abstract
- Due to the increasing cyber threats, firewall has become the one of the core elements in network security. The effectiveness of firewall security is dependent on providing policy management techniques. For this reason, it is highly required to have an automatic tool that is real applicable to running firewalls and it should help administrators use in easy. This paper represents a first step toward a practically applicable tool called Firewall Policy Checker for firewall policy inspection based on four anomaly types. It also focuses on detecting dangerous services such as telnet, ftp and so on which many administrators set as time goes and detecting illegal servers. In addition, this tool supports a large number of rules with the high speed using efficient N-ary tree module. The experimental results using real organizations' rules are introduced. Finally, this paper illustrates an easy 3D visualization even for non experts.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - Graduate School > Department of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.