Systematic Literature Review on Usability of Firewall Configuration

@article{Voronkov2018SystematicLR,
  title={Systematic Literature Review on Usability of Firewall Configuration},
  author={Artem Voronkov and Leonardo Horn Iwaya and Leonardo A. Martucci and Stefan Lindskog},
  journal={ACM Computing Surveys (CSUR)},
  year={2018},
  volume={50},
  pages={1 - 35}
}
Firewalls are network security components that handle incoming and outgoing network traffic based on a set of rules. [...]
Key Result
Among the main findings, we perceived that there is a lack (or even an absence) of usability evaluation or user studies to validate the proposed models. Although all articles are related to the topic of usability, none of them clearly defines it, and only a few actually employ usability design principles and/or guidelines.
Natural vs. Technical Language Preference and Their Impact on Firewall Configuration
TLDR
The results show that participants’ perception of a certain rule set representation depends on their firewall expertise, and participants with basic or intermediate knowledge of firewalls consider rule sets expressed in English to be 40% easier to understand, whereas advanced or expert firewall users deemed it to be 27% more difficult.
On optimizing firewall performance in dynamic networks by invoking a novel swapping window–based paradigm
TLDR
A simple condition for performing the swapping of the firewall's rules is proposed, using a novel “batch”‐based traffic estimator that provides network statistics to the firewall placement optimizer and a subtle but modified batch‐based embodiment of the Stochastic Learning Weak Estimator.
System Administrators Are Parting Ways With Command Line Interfaces: An Exploratory Study of Firewall Interfaces
TLDR
The comparative characteristics regarding the strengths and limitations of the interfaces and for which tasks they are used by the security experts are reported and design recommendations for firewall interfaces are made.
A Feasible Anomaly Diagnosis Mechanism for Stateful Firewall Rules
  • C. Chao
  • Computer Science
    2018 27th International Conference on Computer Communication and Networks (ICCCN)
  • 2018
TLDR
This paper describes the newly developed diagnosis mechanisms which can speedily discover anomalies of stateful rules within/among firewalls with an innovative data structure - Enhanced Adaptive Rule Anomaly Relationship (or Enhanced-ARAR) tree.
A Usability Evaluation of Let's Encrypt and Certbot: Usable Security Done Right
TLDR
A randomized control trial is conducted to evaluate the usability of Let's Encrypt and Certbot in comparison to the traditional certificate authority approach and highlights how usability improvements aimed at administrators can have a large impact on security.
Decision Tree for Multiclass Classification of Firewall Access
TLDR
A decision tree classification algorithm with a tree-structured model is used for firewall activity analysis, which produces high classification accuracy and offers interpretation ability by presenting the classification model into a tree representation, which is a further advantage.
An archetype for mitigating the security threats in multi-cloud environment by implementing tree-based next-generation firewalls
TLDR
The proposed model has a heterogeneous cloud paradigm with a combination of firewall tracts to overcome rising security issues and also defines some advantages of NGFW to overcome these concerns.
System Administrators Prefer Command Line Interfaces, Don't They? An Exploratory Study of Firewall Interfaces
TLDR
The goal of this work is to investigate which interfaces system administrators prefer, and which they actually utilize in their daily tasks, and to provide design recommendations for firewall interfaces.
Usability Matters: A Human–Computer Interaction Study on Network Management Tools
TLDR
An investigation based on the human-computer interaction perspective is presented and improvements on the usability aspects of network monitoring tools are proposed.
A review of scientific research in defensive cyberspace operation tools and technologies
TLDR
A review of relevant research in cybersecurity tools and technologies is performed, organized according to both active and passive Defensive Cyberspace Operations, which accounts for the bulk of the cyber research literature over the last two decades.

References

On the Usability of Firewall Configuration
TLDR
The firewall configuration problem from the usability perspective is studied and models to measure the lexical and structural complexity of firewall configuration are proposed to examine where complexity lies in the configurations of real networks.
A Visualized Internet Firewall Rule Validation System
TLDR
This work is to build a visualized validation system for checking the security consistency between firewalls' rule configuration and the demands of network security policies.
A novel three-tiered visualization approach for firewall rule validation
A Feasible Visualized System for Anomaly Diagnosis of Internet Firewall Rules
TLDR
This work is to build a feasible diagnosis system for checking the anomalies between firewalls' rules which often lead to the inconsistency between the demands of network security policies and firewall rule configuration.
A flexible and feasible anomaly diagnosis system for Internet firewall rules
  • C. Chao
  • Computer Science
    2011 13th Asia-Pacific Network Operations and Management Symposium
  • 2011
TLDR
This work is to build a feasible diagnosis system for checking the anomalies between firewalls' rules which often give rise to the inconsistency between the demands of network security policies and firewall rule configuration, and a systematic visualization approach is developed.
A History and Survey of Network Firewalls
TLDR
Little work exists in the area of firewall theory; however, this article summarizes what exists and high-level languages have been developed to simplify the task of correctly defining a firewall’s policy.
A quantitative study of firewall configuration errors
  • A. Wool
  • Computer Science
    Computer
  • 2004
TLDR
Analysis of real configuration data show that corporate firewalls are often enforcing rule sets that violate well established security guidelines.
FIREMAN: a toolkit for firewall modeling and analysis
TLDR
Fireman, a static analysis toolkit for firewall modeling and analysis, is introduced and used to uncover several real misconfigurations in enterprise networks, some of which have been subsequently confirmed and corrected by the administrators of these networks.
Conflict classification and analysis of distributed firewall policies
TLDR
All anomalies that could exist in a single- or multifirewall environment are identified and a set of techniques and algorithms to automatically discover policy anomalies in centralized and distributed firewalls are presented.
Visual analysis of complex firewall configurations
TLDR
A visualization tool to support the network administrator in this complex task of understanding firewall rule sets and object group definitions, which consists of a hierarchical sunburst visualization, which logically groups rules or object groups according to their common characteristics, and classical tree view components for rules and object groups.