End-to-end routing behavior in the Internet
IEEE/ACM Transactions on Networking (TON)
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Practical Attack Graph Generation for Network Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Computer Networks: The International Journal of Computer and Telecommunications Networking
Why do internet services fail, and what can be done about it?
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
IEEE Transactions on Parallel and Distributed Systems
IEEE Transactions on Parallel and Distributed Systems
Modeling and understanding end-to-end class of service policies in operational networks
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
TCAM Razor: a systematic approach towards minimizing packet classifiers in TCAMs
IEEE/ACM Transactions on Networking (TON)
Hi-index | 0.00 |
Quantifying and querying network reachability is important for security monitoring and auditing as well as many aspects of network management such as troubleshooting, maintenance, and design. Although attempts to model network reachability have been made, feasible solutions to computing network reachability have remained unknown. In this paper, we propose a suite of algorithms for quantifying reachability based on network configurations [mainly Access Control Lists (ACLs)] as well as solutions for querying network reachability. We present a network reachability model that considers connectionless and connection-oriented transport protocols, stateless and stateful routers/ firewalls, static and dynamic NAT, PAT, IP tunneling, etc. We implemented the algorithms in our network reachability tool called Quarnet and conducted experiments on a university network. Experimental results show that the offline computation of reachability matrices takes a few hours, and the online processing of a reachability query takes 0.075 s on average.