A formal model for network-wide security analysis
J Rab, P Matousek, O Rysavy… - 15th Annual IEEE …, 2008 - ieeexplore.ieee.org
Network designers perform challenging tasks with so many configuration options that it is
often hard or even impossible for a human to predict all potentially dangerous situations. In …
often hard or even impossible for a human to predict all potentially dangerous situations. In …
[图书][B] Formal analysis of firewall policies
RM Marmorstein - 2008 - search.proquest.com
This dissertation describes a technique for formally analyzing a firewall security policy using
a quasi-reduced multiway decision diagram model. The analysis allows a system …
a quasi-reduced multiway decision diagram model. The analysis allows a system …
[PDF][PDF] Acceleration of IPTABLES Linux packet filtering using GPGPU
Firewalls are a piece of software or hardware that control access to organization networks.
Packet filtering is placed in the heart of firewalls. It is performed by comparing each data …
Packet filtering is placed in the heart of firewalls. It is performed by comparing each data …
[PDF][PDF] Hardware-constrained Packet Classification
D Antoš - Ph. D. dissertation, 2006 - is.muni.cz
The goal of this work is to propose a unified packet classification method combining routing,
level 3-to-level 2 address translation (ARP), and packet filtering, that can be implemented on …
level 3-to-level 2 address translation (ARP), and packet filtering, that can be implemented on …
Formal analysis approach on networks with dynamic behaviours
G de Silva, P Matoušek, O Ryšavý… - … Congress on Ultra …, 2010 - ieeexplore.ieee.org
Formal verification and validation techniques such as model checking are not widely used in
computer networks. These methods are very useful to identify configuration errors, identify …
computer networks. These methods are very useful to identify configuration errors, identify …
Security analysis of TCP/IP networks: An approach to automatic analysis of network security properties
This paper deals with an approach to security analysis of TCP/IP-based computer networks.
The method developed stems from a formal model of network topology with changing link …
The method developed stems from a formal model of network topology with changing link …
[PDF][PDF] Packet Filtering for FPGA-Based Routing Accelerator
In this paper, we present a novel approach for Binary Decision Diagram based semantically
extended representation of packet filters called Filter Decision Diagrams (FDD), used for …
extended representation of packet filters called Filter Decision Diagrams (FDD), used for …
Reducing packet delay through filter merging
P Comerford, JN Davies, V Grout - … of the 9th International Conference on …, 2016 - dl.acm.org
The use of packet filters has increased considerably due to the growth of Internet users and
network services. A number of header fields must be examined by the filter, causing delay …
network services. A number of header fields must be examined by the filter, causing delay …
Static Analysis of Routing and Firewall Policy Configurations
Network design that meets customer's security requirements needs careful considerations
when configuring routing and filtering rules. This paper deals with an approach to security …
when configuring routing and filtering rules. This paper deals with an approach to security …
On formal reachability analysis in networks with dynamic behavior
Recently, several researches have suggested an application of formal methods for
identifying configuration errors, unveiling design problems and predicting network behavior …
identifying configuration errors, unveiling design problems and predicting network behavior …