Visual firewall: real-time network security monitor

Networked systems still suffer from poor firewall configuration and monitoring. VisualFirewall seeks to aid in the configuration of firewalls and monitoring of networks by providing four simultaneous views that display varying levels of detail and time-scales as well as correctly visualizing firewall reactions to individual packets. The four implemented views, real-time traffic, visual signature, statistics, and IDS alarm, provide the levels of detail and temporality that system administrators need to properly monitor their systems in a passive or an active manner. We have visualized several attacks, and we feel that even individuals unfamiliar with networking concepts can quickly distinguish between benign and malignant traffic patterns with a minimal amount of introduction.

[1]  Stephen Lau,et al.  The Spinning Cube of Potential Doom , 2004, CACM.

[2]  Deborah A. Frincke,et al.  Intrusion and Misuse Detection in Large-Scale Systems , 2002, IEEE Computer Graphics and Applications.

[3]  Tetsuji Takada,et al.  MieLog: A Highly Interactive Visual Log Browser Using Information Visualization and Statistical Analysis , 2002, LISA.

[4]  Kulsoom Abdullah,et al.  Passive visual fingerprinting of network attack tools , 2004, VizSEC/DMSEC '04.

[5]  G. Conti,et al.  Real-time and forensic network data analysis using animated and coordinated visualization , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[6]  Kwan-Liu Ma Visualization for security , 2004, COMG.

[7]  Kwan-Liu Ma,et al.  PortVis: a tool for port-based detection of security events , 2004, VizSEC/DMSEC '04.

[8]  Hideki Koike,et al.  SnortView: visualization system of snort logs , 2004, VizSEC/DMSEC '04.

[9]  Chris North,et al.  Home-centric visualization of network traffic for security administration , 2004, VizSEC/DMSEC '04.

[10]  Robert F. Erbacher,et al.  Intrusion behavior detection through visualization , 2003, SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483).