Visual Firewall: Real-time Network Security Monito

Authors:
Chris P. Lee;Jason Trost;Nicholas Gibbs;Raheem Beyah;John A. Copeland
Affiliations:
Georgia Tech CSC;Georgia Tech CS Dept;Georgia Tech CS Dept;Georgia Tech CS;Georgia Tech CS
Venue:
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Year:
2005

Citing 0
Cited 10

Flowtag: a collaborative attack-analysis, reporting, and sharing tool for security researchers

Proceedings of the 3rd international workshop on Visualization for computer security
PolicyVis: firewall security policy visualization and inspection

LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
Visualization based policy analysis: case study in SELinux

Proceedings of the 13th ACM symposium on Access control models and technologies
A Component-Based Framework for Visualization of Intrusion Detection Events

Information Security Journal: A Global Perspective
Domain Specific Intended Use Evaluation Method: Intrusion Detection Specific Intended Use Evaluation Method

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
A scalable aural-visual environment for security event monitoring, analysis, and response

ISVC'07 Proceedings of the 3rd international conference on Advances in visual computing - Volume Part I
A new concentric-circle visualization of multi-dimensional data and its application in network security

Journal of Visual Languages and Computing
A survey of security visualization for computer network logs

Security and Communication Networks
Visual analysis of complex firewall configurations

Proceedings of the Ninth International Symposium on Visualization for Cyber Security
Visualizing PHPIDS log files for better understanding of web server attacks

Proceedings of the Tenth Workshop on Visualization for Cyber Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Networked systems still suffer from poor firewall configuration and monitoring. VisualFirewall seeks to aid in the configuration of firewalls and monitoring of networks by providing four simultaneous views that display varying levels of detail and time-scales as well as correctly visualizing firewall reactions to individual packets. The four implemented views: Real-Time Traffic, Visual Signature, Statistics, and IDS Alarm, provide the levels of detail and temporality that system administrators need to properly monitor their systems in a passive or an active manner. We have visualized several attacks, and we feel that even individuals unfamiliar with networking concepts can quickly distinguish between benign and malignant traffic patterns with a minimal amount of introduction.