Graph-Based Algorithms for Boolean Function Manipulation
IEEE Transactions on Computers
Black-box testing: techniques for functional testing of software and systems
Black-box testing: techniques for functional testing of software and systems
Building Internet firewalls (2nd ed.)
Building Internet firewalls (2nd ed.)
Validation, Verification, and Testing of Computer Software
ACM Computing Surveys (CSUR)
The CERT guide to system and network security practices
The CERT guide to system and network security practices
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Architecting the Lumeta firewall analyzer
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Modeling and Management of Firewall Policies
IEEE Transactions on Network and Service Management
Algorithms for packet classification
IEEE Network: The Magazine of Global Internetworking
Vulnerability analysis For evaluating quality of protection of security policies
Proceedings of the 2nd ACM workshop on Quality of protection
PolicyVis: firewall security policy visualization and inspection
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
Model-Based Firewall Conformance Testing
TestCom '08 / FATES '08 Proceedings of the 20th IFIP TC 6/WG 6.1 international conference on Testing of Software and Communicating Systems: 8th International Workshop
TestCom '08 / FATES '08 Proceedings of the 20th IFIP TC 6/WG 6.1 international conference on Testing of Software and Communicating Systems: 8th International Workshop
Firewall policy verification and troubleshooting
Computer Networks: The International Journal of Computer and Telecommunications Networking
FAME: a firewall anomaly management environment
Proceedings of the 3rd ACM workshop on Assurable and usable security configuration
Hi-index | 0.00 |
Firewall development and implementation are constantly being improved to accommodate higher security and performance standards. Using reliable yet practical techniques for testing new packet filtering algorithms and firewall design implementations from a functionality point of view becomes necessary to assure the required security. In this paper, an efficient paradigm for automated testing of firewalls with respect to their internal implementation and security policies is proposed. We propose a novel firewall testing technique using policy-based segmentation of the traffic address space, which can intelligently adapt the test traffic generation to target potential erroneous regions in the firewall input space. We also show that our automated approach of test case generation, analyzing firewall logs and creating testing reports not only makes the problem solvable but also offers a significantly higher degree of confidence than random testing.