A formal framework for verifying inter-firewalls consistency

Moussa, Majda; Ould-Slimane, Hakima; Boucheneb, Hanifa; Chamberland, Steven

doi:10.1109/iscc.2014.6912478

Cited by 3 publications

(3 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the field of firewall configuration and policies, current approaches to model based verification and validation include work by Brucker et al [18], who provide a formal model of stateful and stateless firewalls, and a framework that tests actual firewalls using that model. Moussa et al formalize the process of verifying consistency among a set of firewalls with a global security policy [9]. Adão et al [19] present a tool for converting abstract firewall models into concrete configurations for the Netfilter networking framework in Linux.…”

Section: Related Workmentioning

confidence: 99%

“…We explore the use of a model based approach for detection of configuration errors in the planning and design phase. The verification and validation of network configurations has been studied extensively [4,5,6,7,8,9]. However, previous work either does not provide a methodology for identifying and specifying rules, or describe how the corresponding rule violation error messages are generated to help environment designers.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Model Based Verification of Cyber Range Event Environments

Damodaran

Tidmarsh

2016

Modeling and Simulation of Complexity in Intelligent, Adaptive and Autonomous Systems 2016 (MSCIAAS 2016) and Space Simulation

View full text Add to dashboard Cite

We apply model based verification to cyber range event environment configurations, allowing for the early detection of errors in event environment configurations, and a reduction in the time and resources used during deployment. We categorize misconfiguration errors detected using the Common Cyber Environment Representation (CCER) ontology. We also provide an overview of a methodology to specify verification rules and the corresponding error messages. These rules have successfully detected errors in the designs of several cyber range event environments, thereby reducing cost and time to deployment.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Model Based Verification of Cyber Range Event Environments

Damodaran

Tidmarsh

2016

Modeling and Simulation of Complexity in Intelligent, Adaptive and Autonomous Systems 2016 (MSCIAAS 2016) and Space Simulation

View full text Add to dashboard Cite

show abstract

“…Authors in [15] use the concept of Relational Algebra and a 2D box model to identify anomalies. Also, there are research works focusing on creating automated solutions to detect configuration inconsistencies firewalls through formal verification [4], [9]. In [5], Gawanmeh et al presented a formal model for firewall configuration rules based on domain restriction.…”

Section: Introductionmentioning

confidence: 99%

Automatic detection and correction of firewall misconfigurations- A formal approach

Saâdaoui¹,

Youssef²,

Bouhoula³

EPiC Series in Computing

View full text Add to dashboard Cite

Firewall has been at the center of intense research in the last decade owing to the increase of malicious attacks on networks. Constant updating of the firewall configuration by modifying, adding and removing rules increases the complexity of the configuration resulting in overlapping and often conflicting filtering rules. As a consequence, the set of filtering rules becomes unreliable and contains multiple misconfigurations creating ambiguity in classification of new traffic, not only affecting the performance of the firewall, but also putting the system in a vulnerable position. Manual management of this problem can be overwhelming and potentially inaccurate. Therefore, there is a need of automated methods to analyze, detect and fix misconfigurations. The objective of our work is to propose (1) a new formal approach to discover effective firewall configurations errors, (2) an optimal and automatic method with the minimum number of operations to correct these misconfigurations in both centralized firewalls and firewalls in a distributed environment and (3) a tool that implements proposed techniques and significantly helps user in discovering and resolving firewall misconfigurations.

show abstract