Misconfigurations discovery between distributed security components using the mobile agent approach

Authors:
Fakher Ben Ftima;Kamel Karoui;Henda Ben Ghezala
Affiliations:
University of Manouba;University of Manouba;University of Manouba
Venue:
Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
Year:
2009

Citing 11
Cited 0

Seven good reasons for mobile agents

Communications of the ACM
Agent-mediated electronic commerce: a survey

The Knowledge Engineering Review
Representation and analysis of coordinated attacks

Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
A framework of cooperating intrusion detection based on clustering analysis and expert system

InfoSecu '04 Proceedings of the 3rd international conference on Information security
Complete analysis of configuration rules to guarantee reliable network security policies

International Journal of Information Security
A secure mobile agents approach for anomalies detection on firewalls

Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services
Towards filtering and alerting rule rewriting on single-component policies

SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Analysis of policy anomalies on distributed network security setups

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Taxonomy of conflicts in network security policies

IEEE Communications Magazine
Conflict classification and analysis of distributed firewall policies

IEEE Journal on Selected Areas in Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays, to survey and guarantee the security policy in networks, the administrator uses different network security components, such as firewalls and intrusion detection systems (IDS). For a perfect interoperability between these components in the network, these latter must be configured properly to avoid misconfiguration anomalies between them. However, there are a set of anomalies between alerting rules in the IDS and filtering rules in firewalls, that degrade the network security policy. In this paper, we will present a mobile agent based architecture to detect misconfigurations between these distributed components and generate a new set of rules free of errors. A case study will illustrate the effectiveness of our approach.