Isolating cause-effect chains from computer programs
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
Fast and Scalable Conflict Detection for Packet Classifiers
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Firewall Security: Policies, Testing and Performance Evaluation
COMPSAC '00 24th International Computer Software and Applications Conference
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Blowtorch: a framework for firewall test automation
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
FIREMAN: A Toolkit for FIREwall Modeling and ANalysis
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Assisted firewall policy repair using examples and history
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
IEEE Transactions on Parallel and Distributed Systems
Systematic Structural Testing of Firewall Policies
SRDS '08 Proceedings of the 2008 Symposium on Reliable Distributed Systems
Fault Localization for Firewall Policies
SRDS '09 Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems
Automated pseudo-live testing of firewall configuration enforcement
IEEE Journal on Selected Areas in Communications - Special issue on network infrastructure configuration
First step towards automatic correction of firewall policy faults
LISA'10 Proceedings of the 24th international conference on Large installation system administration
IEEE Transactions on Network and Service Management
Change-impact analysis of firewall policies
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
Firewalls are critical components of network security and have been widely deployed for protecting private networks. A firewall determines whether to accept or discard a packet that passes through it based on its policy. However, most real-life firewalls have been plagued with policy faults, which either allow malicious traffic or block legitimate traffic. Due to the complexity of firewall policies, manually locating the faults of a firewall policy and further correcting them are difficult. Automatically correcting the faults of a firewall policy is an important and challenging problem. In this article, we first propose a fault model for firewall policies including five types of faults. For each type of fault, we present an automatic correction technique. Second, we propose the first systematic approach that employs these five techniques to automatically correct all or part of the misclassified packets of a faulty firewall policy. Third, we conducted extensive experiments to evaluate the effectiveness of our approach. Experimental results show that our approach is effective to correct a faulty firewall policy with three of these types of faults.