Rule Anomalies Detection in Firewalls
Firewall is the most prevalent and important technique to enforce the security inside the networks. However, effective and free anomalies rules management in large and fast growing networks becomes increasingly challenging. In this paper, we use a directed tree-based method to detect rule anomalies in firewall; in addition, this method can track the source of the anomalies. We believe the posed information will simplify the rules management and minimizing the networking vulnerability due to firewall rules misconfigurations.
X. J. Liao et al., "Rule Anomalies Detection in Firewalls", Key Engineering Materials, Vols. 474-476, pp. 822-827, 2011