EPiC Series in Computing
Automatic detection and correction of firewall misconfigurations - A formal approach
by
Amina Saâdaoui, Nihel Ben, Youssef Souayeh, Adel Bouhoula
2017 Volume 45
Abstract
Firewalls have been at the center of intense research in the last decade owing to the increase of malicious attacks on networks. Constant updating of the firewall configuration by modifying, adding and removing rules increases the complexity of the configuration, resulting in overlapping and often conflicting filtering rules. As a consequence, the set of filtering rules becomes unreliable and contains multiple misconfigurations, creating ambiguity in the classification of new traffic, which not only affects the performance of the firewall but also puts the system in a vulnerable position. Manual management of this problem can be overwhelming and potentially inaccurate. Therefore, there is a need for automated methods to analyze, detect and fix misconfigurations. The objective of our work is to propose (1) a new formal approach to discover effective firewall configuration errors, (2) an optimal and automatic method with the minimum number of operations to correct these misconfigurations in both centralized firewalls and firewalls in a distributed environment and (3) a tool that implements the proposed techniques and significantly helps users in discovering and resolving firewall misconfigurations.