Handling anomalies in distributed firewalls

Adel Bouhoula, Zouheir Trabelsi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

Distributed Firewalls filter the incoming and outgoing network traffic based on a set of predefined filtering rules. The filtering rules have to be well defined and coherent in order to guarantee the desired responses of the Firewalls. In this paper, we propose an inference system for detecting all anomalies that could exist in a multi-Firewall network environment. Three classes of anomalies are described, namely the Redundancy, Locking and Incoherence anomalies. Then, we give an example of a common network architecture with the corresponding filtering policy. The example demonstrates how anomalies can be easily detected using the proposed inference model. Related work is discussed, and it will be demonstrated that the proposed inference model is simpler and more general than related models.

Original language: English
Title of host publication: 2006 Innovations in Information Technology, IIT
Publication status: Published - 2006
Event: 2006 Innovations in Information Technology, IIT - Dubai, United Arab Emirates
Duration: Nov 19 2006 → Nov 21 2006

Publication series

Name: 2006 Innovations in Information Technology, IIT

Other

Other: 2006 Innovations in Information Technology, IIT
Country/Territory: United Arab Emirates
City: Dubai
Period: 11/19/06 → 11/21/06

Keywords

  • Anomalies
  • Distributed firewall
  • Filtering rules
  • Inference system
  • Security policy

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
