Technology Transfer of Visualization of Security Policy and Large Scale Log

KISTI has concluded technology transfer agreement with a private company, UNET System, on the system of visualization of firewall policy and log, named VizPolaris, that makes it possible to secure visibility of firewall policy and analyze invation log, on September 17th, 2020.

The system converts text-based firewall-approaching policy and security log to visible images, which can help to intuitively recognize the policy and log. The system has been developed to help more efficiently operate and manage the firewall by managing firewall policy efficiently; deeply tracking IP behaving maliciously; effeciently detecting cyber target attack based on social issues; and providing information on abnormal behavior.

The visualization system has functions that recognize and improve both overlapping policies vulnerable to sercurity or unnecessary and problems having strange relations between approaching policies by expressing firewall's approach policies hierarchically.

It also helps to identify and handle the first communiation time with malicious IP; major attack behaviors; related social issues; and targeted objects by creating, accumulating, and visualizing various statistical information of massive security logs. In addition, it makes it possible to intuitively indentify malicious hebaviors of invaders or victims by expressing periodic or aperiodic features of network traffics through collecting and analyzing security logs for a long time.

The developed technology is expected to make a great contribution to enhancement of security of organizations and companies by supporting swift decising-making and detection and handling of cyber attack of ordinary managers as well as security exeives through securing not only firwall's logs essentially installed and operated by each organization and cyber security center but also visibility of security policy.