Visual analysis of complex firewall configurations


Dateien zu dieser Ressource

Dateien Größe Format Anzeige

Zu diesem Dokument gibt es keine Dateien.

MANSMANN, Florian, Timo GÖBEL, William CHESWICK, 2012. Visual analysis of complex firewall configurations. the Ninth International Symposium. Seattle, Washington, 15. Okt 2012 - 15. Okt 2012. In: Proceedings of the Ninth International Symposium on Visualization for Cyber Security - VizSec '12. New York, New York, USA:ACM Press, pp. 1-8. ISBN 978-1-4503-1413-8. Available under: doi: 10.1145/2379690.2379691

@inproceedings{Mansmann2012Visua-22284, title={Visual analysis of complex firewall configurations}, year={2012}, doi={10.1145/2379690.2379691}, isbn={978-1-4503-1413-8}, address={New York, New York, USA}, publisher={ACM Press}, booktitle={Proceedings of the Ninth International Symposium on Visualization for Cyber Security - VizSec '12}, pages={1--8}, author={Mansmann, Florian and Göbel, Timo and Cheswick, William} }

<rdf:RDF xmlns:dcterms="" xmlns:dc="" xmlns:rdf="" xmlns:bibo="" xmlns:dspace="" xmlns:foaf="" xmlns:void="" xmlns:xsd="" > <rdf:Description rdf:about=""> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dc:contributor>Cheswick, William</dc:contributor> <dcterms:abstract xml:lang="eng">Firewalls have become essential components in the security concept of almost any modern computer network. Due to their relevance and central location in the network, their programming logic often survives several generations of administrators and hardware. Understanding the logic behind a firewall configuration is thus an important but challenging task for a network administrator. In general, there is a tendency to add new rules while old rules are only rarely changed or removed due to unexpected consequences in the network. In this paper we present a visualization tool to support the network administrator in this complex task of understanding firewall rule sets and object group definitions. The tool consists of a hierarchical sunburst visualization, which logically groups rules or object groups according to their common characteristics, a color-linked configuration editor and classical tree view components for rules and object groups. All these components are interactively linked to enable both exploratory and hypotheses testing tasks aimed at understanding the complex functionality of a firewall configuration. To verify our design, we present two case studies on the analysis of rule usage and on nested object groups and collected feedback from five firewall administrators.</dcterms:abstract> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dcterms:available rdf:datatype="">2013-03-01T14:11:40Z</dcterms:available> <dc:creator>Mansmann, Florian</dc:creator> <dc:date rdf:datatype="">2013-03-01T14:11:40Z</dc:date> <dspace:isPartOfCollection rdf:resource=""/> <dc:creator>Cheswick, William</dc:creator> <dcterms:issued>2012</dcterms:issued> <dc:contributor>Göbel, Timo</dc:contributor> <dcterms:bibliographicCitation>Proceedings of the Ninth International Symposium on Visualization for Cyber Security. - New York, NY : ACM, 2012. - S. 1-8. - ISBN 978-1-4503-1413-8</dcterms:bibliographicCitation> <dcterms:title>Visual analysis of complex firewall configurations</dcterms:title> <dc:creator>Göbel, Timo</dc:creator> <dc:language>eng</dc:language> <dcterms:isPartOf rdf:resource=""/> <dc:rights>terms-of-use</dc:rights> <dcterms:rights rdf:resource=""/> <bibo:uri rdf:resource=""/> <dc:contributor>Mansmann, Florian</dc:contributor> </rdf:Description> </rdf:RDF>

Das Dokument erscheint in:

KOPS Suche


Mein Benutzerkonto