期刊
IEEE ACCESS
卷 9, 期 -, 页码 105989-106004出版社
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/ACCESS.2021.3100141
关键词
Visualization; Tools; Protocols; Firewalls (computing); User interfaces; Usability; Optimization; Firewall; information visualization; policy anomaly; user interface; usability
资金
- 'Construction of Information Security Scheme for Supercomputing Environment based on AI' - Korea Institute of Science and Technology Information (KISTI) [K-21-L02-C03]
- National Research Foundation of Korea [K-21-L02-C03] Funding Source: Korea Institute of Science & Technology Information (KISTI), National Science & Technology Information Service (NTIS)
Firewalls are crucial for protecting internal networks and valuable information by monitoring and controlling network traffic through access control, authentication, logging, and auditing. Despite various proposed techniques and applications, there remains a lack of usability due to limitations in the text-based interface and the complexity of practical use.
As an essential system for protecting internal networks and valuable information, the firewall monitors and controls network traffic in terms of access control, authentication, logging, and auditing. In particular, it carries out both allowing and blocking communications between internal and external networks based on proper Access Control List (ACL). However, a complex ACL along with huge network environments lead to exposing vulnerabilities and communication problems, because of anomalies among policies. Even though various techniques and applications combined with visualization approaches have been proposed, there is still a lack of usability caused by not only the limitation of the text-based interface but also the complexity of practical use. In order to solve these problems, this work proposes a 3D-based hierarchical visualization method, namely F/Wvis, for intuitive ACL management and analysis. The F/Wvis, particularly, supports ACL management for a large-scale network as well as analysis of detail anomalies on policies by providing a drill-down user interface through the hierarchical visualization approach. Further, the implemented system is evaluated against popular tools by network security experts to identify the usability and effectiveness in real-world situations (a demonstration video is available at: https://bit.ly/34ooEDc).
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据