Automatic Conformance Verification of Distributed Firewalls to Security Requirements

Youssef, Nihel Ben; Bouhoula, Adel

doi:10.1109/socialcom.2010.126

Cited by 11 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ben Youssef et al [19] verify the conformance of firewall configurations with respect to the security policies using a satisfiability solver modulo theories (SMT). They extend their work in order to support the case of distributed firewalls [20].…”

Section: Related Workmentioning

confidence: 99%

Detection of firewall configuration errors with updatable tree

Abbes

Bouhoula

Rusinowitch

2015

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

International audienceThe fundamental goals of security policy are to allow uninterrupted access to the network resources for authenticated users and to deny access to unauthenticated users. For this purpose, firewalls are frequently deployed in every size network. However, bad configurations may cause serious security breaches and network vulnerabilities. In particular, conflicted filtering rules lead to block legitimate traffic and to accept unwanted packets. This fact troubles administrators who have to insert and delete filtering rules in a huge configuration file. We propose in this paper a quick method for managing a firewall configuration file. We represent the set of filtering rules by a firewall anomaly tree (FAT). Then, an administrator can update the FAT by inserting and deleting some filtering rules. The FAT modification automatically reveals emerged anomalies and helps the administrator to find the adequate position for a new added filtering rule. All the algorithms presented in the paper have been implemented, and computer experiments show the usefulness of updating the FAT data structure in order to quickly detect anomalies when dealing with a huge firewall configuration file

show abstract

Section: Related Workmentioning

confidence: 99%

Detection of firewall configuration errors with updatable tree

Abbes

Bouhoula

Rusinowitch

2015

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

show abstract

“…In order to simplify the algorithm, only the 5 domains of the rules are considered in the rule collision detection: src_ip, dest_ip, src_port, dest_port and protocol [9]. The src_port and dest_port may range from 0~65535, while the actual application typically takes only a limited range.…”

Section: A Audit Scheme Which Based On Policy Treementioning

confidence: 99%

Audit and Processing of Anormaly Firewall Rules

Cao¹,

Gao²,

Yu³

2015

Proceedings of the International Conference on Logistics, Engineering, Management and Computer Science

View full text Add to dashboard Cite

1. Objectiv ： Firewall rules configuration has been the focus of network security research and this paper studies and improves the firewall rule audit method to improve the matching efficiency of firewall rules. 2. Method: This paper makes a detailed study of the relationship between firewall rules, and explain them by the concept of the collection, then summarizes anormaly conflicts, then the rule of the firewall is optimized by using statistical algorithm. 3. Results: This paper designs the hierarchical audit structure, simplifies the audit work, and applies the policy tree algorithm to audit the rule set of the firewall. At last, the model of the different anomaly is given. 4. Conclusion: The 7 anormalies in the experimental rule set are all discoveried, and the average matching times is reduced from 4.624 to 3.544.

show abstract

Dealing with Stateful Firewall Checking

Youssef

Bouhoula

2011

Communications in Computer and Information Science

View full text Add to dashboard Cite

Automatic Conformance Verification of Distributed Firewalls to Security Requirements

Cited by 11 publications

References 8 publications

Detection of firewall configuration errors with updatable tree

Detection of firewall configuration errors with updatable tree

Audit and Processing of Anormaly Firewall Rules

Dealing with Stateful Firewall Checking

Contact Info

Product

Resources

About