Handling anomalies in distributed firewalls

被引:0
|
作者
Bouhoula, Adel [1 ]
Trabelsi, Zouheir
机构
[1] Ecole Super Commun Tunis, Cite Technologies Commun, Tunis 2083, Tunisia
[2] United Arab Emirates Univ, Coll Informat Technol, Al Ain 17555, U Arab Emirates
来源
2006 Innovations in Information Technology | 2006年
关键词
distributed firewall; filtering rules; anomalies; security policy; inference system;
D O I
暂无
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Distributed Firewalls filter the incoming and outgoing network traffic based on a set of predefined filtering rules. The filtering rules have to be well defined and coherent in order to guarantee the desired responses of the Firewalls. In this paper, we propose an inference system for detecting all anomalies that could exist in a multi-Firewall network environment. Three classes of anomalies are described, namely, the Redundancy, Locking and Incoherence anomalies. Then, we give an example of common network architecture with the corresponding filtering policy. The example demonstrates how anomalies can be easily detected using the proposed inference model. Related works are discussed; and it will be demonstrated that the proposed inference model is more simple and general than related models.
引用
收藏
页码:237 / 241
页数:5
相关论文
共 50 条
  • [1] Discovery of policy anomalies in distributed firewalls
    Al-Shaer, ES
    Harried, HH
    IEEE INFOCOM 2004: THE CONFERENCE ON COMPUTER COMMUNICATIONS, VOLS 1-4, PROCEEDINGS, 2004, : 2605 - 2616
  • [2] Analysis of Policy Anomalies in Distributed Firewalls
    Cheng, Yu-Zhu
    Shi, Qiu-Ying
    International Journal of Network Security, 2022, 24 (04) : 617 - 627
  • [3] Rule Anomalies Detection in Firewalls
    Liao Xiaoju
    Wang Yi
    Lu Hai
    ADVANCED MATERIALS AND COMPUTER SCIENCE, PTS 1-3, 2011, 474-476 : 822 - 827
  • [4] Verification of Distributed Firewalls
    Gouda, Mohamed G.
    Liu, Alex X.
    Jafry, Mansoor
    GLOBECOM 2008 - 2008 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, 2008,
  • [5] Firewalls anomalies severity evaluation and classification
    Karoui, Kamel
    Ben Ftima, Fakher
    Ben Ghezala, Henda
    International Journal of Security and Networks, 2014, 9 (03) : 167 - 176
  • [6] Centralized administration of distributed firewalls
    Miller, M
    Morris, J
    PROCEEDINGS OF THE TENTH SYSTEMS ADMINISTRATION CONFERENCE (LISA X), 1996, : 19 - 23
  • [7] Interoperativity proposal between distributed firewalls and distributed IDS
    Orfila, A
    González-Tablas, AI
    Ribagorda, A
    7TH WORLD MULTICONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL XIII, PROCEEDINGS: SYSTEMICS, CYBERNETICS AND INFORMATICS: TECHNOLOGIES AND APPLICATIONS, 2003, : 444 - 447
  • [8] Distributed resource relay under personalised firewalls
    Jiang, ZH
    Gudipudi, L
    Pham, H
    SAM'03: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND MANAGEMENT, VOLS 1 AND 2, 2003, : 125 - 131
  • [9] Distributed embedded firewalls with virtual private groups
    Markham, T
    Meredith, L
    Payne, C
    DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, VOL II, PROCEEDINGS, 2003, : 81 - 83
  • [10] A summary of the autonomic distributed firewalls (ADF) project
    Meredith, LM
    DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, VOL II, PROCEEDINGS, 2003, : 260 - 265
12345