Advertisement

A new approach for anomalies resolution within filtering rules

  • Anis YAZIDI
  • Adel BOUHOULA

During the last past years, the Internet has been growing at a high pace raising new challenges in the field of network security. Obviously, firewalls are core elements in network security. Firewalls have been regarded as barriers against unauthorized traffic and attacks. However, the effectiveness of a firewall is generally affected by the presence of anomalies within its filtering rules. Anomalies discovery within filtering rules has been a crucial issue. Multiple approaches have been developed aiming at discovering firewalls anomalies. However, no such work, to the best of our knowledge, was invested in studying the correction of these anomalies. From this perspective, our work attempts to fill the void in this field. In this paper, we propose a new scheme to resolve policy anomalies. The correction process is assisted by the network administrator in order to reflect exactly the desired policy. We consider the claim of [1] stating that ordering the rules do not work in all the cases. Constraints on the rules order are deduced from the process of anomalies discovery. Based on these constraints, we define a model to arrange the rules with the possibility of adding new rules when needed. We have implemented our method and the first results are very promising

Keywords

Firewall Filtering rules Firewall policy anomalies discovery anomalies correction 

Copyright information

© Springer 2007

Authors and Affiliations

  • Anis YAZIDI
    • 1
  • Adel BOUHOULA
    • 1
  1. 1.Ecole Supèrieure des Communications de Tunis, Citè Technologique des Communications, Route de Raoued Km 3,5 – 2083Citè El GhazalaTunisia

Personalised recommendations