
2012 | OriginalPaper | Chapter

61. Practical Firewall Policy Inspection Using Anomaly Detection and Its Visualization

Authors: Ui-Hyong Kim, Jung-Min Kang, Jae-Sung Lee, Hyong-Shik Kim

Published in: Proceedings of the International Conference on IT Convergence and Security 2011

Publisher: Springer Netherlands


Abstract

Due to increasing cyber threats, the firewall has become one of the core elements of network security. The effectiveness of firewall security depends on providing policy management techniques. For this reason, an automatic tool is highly desirable: one that is actually applicable to running firewalls and easy for administrators to use. This paper represents a first step toward a practically applicable tool, called Firewall Policy Checker, for firewall policy inspection based on four anomaly types. It also focuses on detecting dangerous services, such as telnet and ftp, that many different administrators configure as time goes by, and on detecting illegal servers. The tool also supports a large number of rules at high speed using an efficient N-ary tree module. Experimental results using real organizations' rules are introduced. Finally, this paper illustrates an easy visualization, even for non-security administrators.

Metadata
Copyright Year
2012
DOI
https://doi.org/10.1007/978-94-007-2911-7_61