Detecting and Resolving Firewall Policy Anomalies Using Rule-Based Segmentation
Journal: International Journal of Computer Science and Mobile Computing - IJCSMC (Vol.2, No. 4)Publication Date: 2013-04-15
Authors : Anbarasan.A Balasubramani.G Madhan.C Naveenkumar.P N.S.Nithya;
Page : 134-137
Keywords : Segmentation; Correlation; Packet space; conflict; Distributed;
Abstract
In this paper we present an anomaly management framework for firewalls based on a rule-based segmentation technique to facilitate not only more accurate anomaly detection but also effective anomaly resolution. We represent an innovative policy anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. .Based on this technique, a network packet space defined by a firewall policy can be divided into a set of disjoint packet space segments. Each segment associated with a unique set of firewall rules accurately indicates an overlap relation among those rules. We also introduce a flexible conflict resolution method to enable a fine-grained conflict resolution with the help of several effective resolution strategies with respect to the risk assessment of protected networks and the intention of policy definition.
Other Latest Articles
- Research in Retrieving Concrete Image from the Blurred Image?
- HDL IMPLEMENTATION OF ALGEBRAIC SOFT DECISION ALGORITHM FOR RS CODES?
- A Survey on k-Means Clustering Algorithm Using Different Ranking Methods in Data Mining?
- TRANSINFORMER ? An Integrated System for Health Monitoring of Power Transformers?
- A Survey of Transport Layer Protocols on Reliability in Wireless Sensor Networks
Last modified: 2013-05-02 15:11:20