Security

Detecting and Resolving Firewall Policy Anomalies Using Rule-Based Segmentation

Free registration required

Executive Summary

In this paper, the authors present an anomaly management framework for firewalls based on a rule-based segmentation technique to facilitate not only more accurate anomaly detection but also effective anomaly resolution. They represent an innovative policy anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. Based on this technique, a network packet space defined by a firewall policy can be divided into a set of disjoint packet space segments. Each segment associated with a unique set of firewall rules accurately indicates an overlap relation among those rules.

  • Format: PDF
  • Size: 114.46 KB