Seven good reasons for mobile agents
Communications of the ACM
Agent-mediated electronic commerce: a survey
The Knowledge Engineering Review
Representation and analysis of coordinated attacks
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
A framework of cooperating intrusion detection based on clustering analysis and expert system
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Complete analysis of configuration rules to guarantee reliable network security policies
International Journal of Information Security
A secure mobile agents approach for anomalies detection on firewalls
Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services
Towards filtering and alerting rule rewriting on single-component policies
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Analysis of policy anomalies on distributed network security setups
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Taxonomy of conflicts in network security policies
IEEE Communications Magazine
Conflict classification and analysis of distributed firewall policies
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
Nowadays, to survey and guarantee the security policy in networks, the administrator uses different network security components, such as firewalls and intrusion detection systems (IDS). For a perfect interoperability between these components in the network, these latter must be configured properly to avoid misconfiguration anomalies between them. However, there are a set of anomalies between alerting rules in the IDS and filtering rules in firewalls, that degrade the network security policy. In this paper, we will present a mobile agent based architecture to detect misconfigurations between these distributed components and generate a new set of rules free of errors. A case study will illustrate the effectiveness of our approach.