TY - GEN
T1 - XML based open tool for anomalies detection in firewall filtering rules
AU - Benelbahri, Mohamed Anis
AU - Bouhoula, Adel
AU - Trabelsi, Zouheir
PY - 2007
Y1 - 2007
N2 - In our days, firewalls are widely deployed to secure both hosts and networks against attacks and unwanted data flows. They control incoming and outgoing packets based on filtering rules' lists which reflect the desired security policy. Therefore, filtering rules must be coherent, well edited and free from anomalies and mainly on the case of distributed firewalls. Many approaches, consequently, are developed to analyze access lists and validate them. In addition, many dedicated languages are used by constructors on the implementation of their firewalls. That's why; we present, in our paper, an open tool which translates all filtering rules languages to a unified representation using XML. Then, we extract their fields from the XML file and analyze them by applying the appropriate algorithm. We have implemented this tool and the first tests show its efficiency.
AB - In our days, firewalls are widely deployed to secure both hosts and networks against attacks and unwanted data flows. They control incoming and outgoing packets based on filtering rules' lists which reflect the desired security policy. Therefore, filtering rules must be coherent, well edited and free from anomalies and mainly on the case of distributed firewalls. Many approaches, consequently, are developed to analyze access lists and validate them. In addition, many dedicated languages are used by constructors on the implementation of their firewalls. That's why; we present, in our paper, an open tool which translates all filtering rules languages to a unified representation using XML. Then, we extract their fields from the XML file and analyze them by applying the appropriate algorithm. We have implemented this tool and the first tests show its efficiency.
KW - Anomalies
KW - Distributed firewalls
KW - Security policy
KW - XML
UR - http://www.scopus.com/inward/record.url?scp=50249132697&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=50249132697&partnerID=8YFLogxK
U2 - 10.1109/IIT.2007.4430449
DO - 10.1109/IIT.2007.4430449
M3 - Conference contribution
AN - SCOPUS:50249132697
SN - 9781424418411
T3 - Innovations'07: 4th International Conference on Innovations in Information Technology, IIT
SP - 163
EP - 167
BT - Innovations'07
PB - IEEE Computer Society
T2 - Innovations'07: 4th International Conference on Innovations in Information Technology, IIT
Y2 - 18 November 2007 through 20 November 2007
ER -