Evaluation and testing of internet firewalls
International Journal of Network Management
MicroC/OS-II: the real-time kernel
MicroC/OS-II: the real-time kernel
Computer Networks
A Test Generation Strategy for Pairwise Testing
IEEE Transactions on Software Engineering
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Using attributed grammars to test designs and implementations
ICSE '81 Proceedings of the 5th international conference on Software engineering
Red Hat Linux Firewalls
Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A framework for malicious workload generation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Firewall policy verification and troubleshooting
Computer Networks: The International Journal of Computer and Telecommunications Networking
Two case studies in grammar-based test generation
Journal of Systems and Software
Firewall policy change-impact analysis
ACM Transactions on Internet Technology (TOIT)
First step towards automatic correction of firewall policy faults
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Change-impact analysis of firewall policies
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
Firewalls play a crucial role in network security. Experience has shown that the development of firewall rule sets is complex and error prone. Rule set errors can be costly, by allowing damaging traffic in or by blocking legitimate traffic and causing essential applications to fail. Consequently, firewall testing is extremely important. Unfortunately, it is also hard and there is little tool support available.Blowtorch is a C++ framework for firewall test generation. The central construct is the packet iterator: an event-driven generator of timestamped packet streams. Blowtorch supports the development of packet iterators with a library for packet header creation and parsing, a transmit scheduler for multiplexing of multiple packet streams, and a receive monitor for demultiplexing of arriving packet streams. The framework provides iterators which generate packet streams using covering arrays, production grammars, and replay of captured TCP traffic. Blowtorch has been used to develop tests for industrial firewalls that are placed between an IT network and a process control network.