Visual firewall: real-time network security monitor

Author

Lee, Chris P. ; Tros, Jason ; Gibbs, Nicholas ; Beyah, Raheem ; Copeland, John A.

Author_Institution

CSC, Georgia Tech, USA

fYear

2005

fDate

26 Oct. 2005

Firstpage

129

Lastpage

136

Abstract

Networked systems still suffer from poor firewall configuration and monitoring. VisualFirewall seeks to aid in the configuration of firewalls and monitoring of networks by providing four simultaneous views that display varying levels of detail and time-scales as well as correctly visualizing firewall reactions to individual packets. The four implemented views, real-time traffic, visual signature, statistics, and IDS alarm, provide the levels of detail and temporality that system administrators need to properly monitor their systems in a passive or an active manner. We have visualized several attacks, and we feel that even individuals unfamiliar with networking concepts can quickly distinguish between benign and malignant traffic patterns with a minimal amount of introduction.

Keywords

authorisation; data visualisation; telecommunication security; VisualFirewall; firewall configuration; firewall monitoring; information visualization; network monitoring; networked systems; real-time network security monitor; real-time traffic; user interfaces; visual signature; Computer security; Computer viruses; Computer worms; Computerized monitoring; Information security; Intrusion detection; Protection; Real time systems; Telecommunication traffic; Visualization;

fLanguage

English

Publisher

ieee

Conference_Titel

Visualization for Computer Security, 2005. (VizSEC 05). IEEE Workshop on

Print_ISBN

0-7803-9477-1

Type

conf

DOI

10.1109/VIZSEC.2005.1532075

Filename

1532075