Evaluation and testing of internet firewalls
International Journal of Network Management
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Statistical properties of probabilistic context-free grammars
Computational Linguistics
Modeling and Verification of IPSec and VPN Security Policies
ICNP '05 Proceedings of the 13TH IEEE International Conference on Network Protocols
V6Gene: A Scalable IPv6 Prefix Generator for Route Lookup Algorithm Benchmark
AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 01
FIREMAN: A Toolkit for FIREwall Modeling and ANalysis
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Probabilistic parsing strategies
ACL '04 Proceedings of the 42nd Annual Meeting on Association for Computational Linguistics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient packet classification using TCAMs
Computer Networks: The International Journal of Computer and Telecommunications Networking
Architecting the Lumeta firewall analyzer
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
An Automated Framework for Validating Firewall Policy Enforcement
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
Design and evaluation of packet classification systems
Design and evaluation of packet classification systems
ClassBench: a packet classification benchmark
IEEE/ACM Transactions on Networking (TON)
Model Checking Firewall Policy Configurations
POLICY '09 Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks
Synthetic security policy generation via network traffic clustering
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
| Hi-index | 0.00 |
Access-control lists are an essential part in the security framework of any system. Researchers are always in need to have a repository of ready made policies for conducting research and development. Such policies, especially firewall policies which are the focus of our work, are needed to perform performance testing as well as configuration analysis. In this paper we introduce a novel technique to perform access-control policy generation. The proposed approach learns policy parameters from a set of given policies. It generates policies that conform with natural policy-writing practices while following the grammar syntax required by the security device. A probabilistic learning approach is used to infer transition probabilities for the given policy grammar.