Firewall filtering rules analysis for anomalies detection Online publication date: Tue, 26-Aug-2008
by Adel Bouhoula, Zouheir Trabelsi, Ezedin Barka, Mohammed-Anis Benelbahri
International Journal of Security and Networks (IJSN), Vol. 3, No. 3, 2008
Abstract: Firewalls are key components in network security architectures. A firewall controls the access into and from the network based on a set of predefined filtering rules. Hence, choosing well defined and coherent filtering rules becomes the important factor towards the effectiveness of firewalls. In this paper, we propose an approach for detecting and correcting anomalies in firewalls filtering rules. In fact, we define a process that starts with defining a matrix to represent the list of the filtering rules, and then generates a number of matrices defining all the relationships among the filtering rules, where each matrix is related to a particular type of network packet's field. Finally, the process uses the matrices to detect and correct the anomalies within the filtering rules. Moreover, the paper addresses the issue of the ordering of the filtering rules.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Security and Networks (IJSN):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com