NETWORK ACCESS CONTROL LIST SITUATION AWARENESS

Open Access
Author:
Reifers, Andrew Lee
Graduate Program:
Information Sciences and Technology
Degree:
Doctor of Philosophy
Document Type:
Dissertation
Date of Defense:
June 22, 2010
Committee Members:
  • Michael Mc Neese, Dissertation Advisor
  • Michael Mc Neese, Committee Chair
  • David J Hall, Committee Chair
  • Xiaolong Zhang, Committee Member
  • Susan Mohammed, Committee Member
Keywords:
  • Situation Awareness
  • Network Access Controls
  • Visualization
Abstract:
Network security is a large and complex problem being addressed by multiple communities. Nevertheless, current theories in networking security appear to overestimate network administrators’ ability to understand network access control lists (NACLs), providing few context specific user analyses. Consequently, the current research generally seems to overlook the User Interface (UI) design needs of network administrators with respect to NACL configurations, despite the emphasis placed on them by security practitioners. To explore this incongruity, a small study was first conducted and indeed found that NACL configurations are significant factor in network security and could benefit from better user designs. A visualization approach was then developed to address some of the UI needs identified in the study, and tested via a human-in-the-loop study that examined how well participants responded to simulated network attacks. A novel artifact was designed and implemented, as an initial attempt to address the network administrator UI needs identified within the new visualization approach. This artifact was hypothesized to increase network administrator situation awareness and performance. The attacks were generated using CyberCITIES, an extension of the previously accepted design research tool NeoCITIES. The tests indicated that visualizing ACLS did improve the situation awareness and performance of non-expert users and suggest this research could be extended to system administrators.