The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to monitor and guarantee the security policy in current corporate networks. On the one hand, firewalls are traditional security components which provide means to filter traffic within corporate networks, as well as to police incoming and outgoing interaction with the Internet. On the other hand, NIDSs are complementary security components used to enhance the visibility level of the network, pointing to malicious or anomalous traffic. To properly configure both firewalls and NIDSs, it is necessary to use several sets of filtering and alerting rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a set of algorithms for such management.