Rule Anomalies Detection in Firewalls

Abstract:

Firewalls are the most prevalent and important technique for enforcing security inside networks. However, effective, anomaly-free rule management in large and fast-growing networks becomes increasingly challenging. In this paper, we use a directed tree-based method to detect rule anomalies in firewalls; in addition, this method can track the source of the anomalies. We believe the information presented will simplify rule management and minimize the network vulnerability caused by firewall rule misconfigurations.

Periodical:

Key Engineering Materials (Volumes 474-476)

Pages:

822-827

Online since:

April 2011

Copyright:

© 2011 Trans Tech Publications Ltd. All Rights Reserved
