Verified iptables firewall analysis and verification
This article summarizes our efforts around the formally verified static analysis of iptables
rulesets using Isabelle/HOL. We build our work around a formal semantics of the behavior of …
rulesets using Isabelle/HOL. We build our work around a formal semantics of the behavior of …
Creating snort-IDS rules for detection behavior using multi-sensors in private cloud
K Sengaphay, S Saiyod, N Benjamas - Information Science and …, 2016 - Springer
The private cloud system plays an important role in the present time because it has the
ability to adjust to work better based on the needs of users, such as an adjustment of …
ability to adjust to work better based on the needs of users, such as an adjustment of …
Afpl, an abstract language model for firewall acls
S Pozo, R Ceballos, RM Gasca - … Conference, Perugia, Italy, June 30–July …, 2008 - Springer
Abstract Design and management of firewall rule sets is difficult and error prone, mainly
because the translation of access control requirements to low level languages is difficult …
because the translation of access control requirements to low level languages is difficult …
Model-based development of firewall rule sets: Diagnosing model inconsistencies
S Pozo, R Ceballos, RM Gasca - Information and Software Technology, 2009 - Elsevier
The design and management of firewall rule sets is a very difficult and error-prone task
because of the difficulty of translating access control requirements into complex low-level …
because of the difficulty of translating access control requirements into complex low-level …
Semantics-preserving simplification of real-world firewall rule sets
The security provided by a firewall for a computer network almost completely depends on
the rules it enforces. For over a decade, it has been a well-known and unsolved problem that …
the rules it enforces. For over a decade, it has been a well-known and unsolved problem that …
Fast algorithms for consistency-based diagnosis of firewall rule sets
SP Hidalgo, R Ceballos… - 2008 Third International …, 2008 - ieeexplore.ieee.org
Firewalls provide the first line of defence of nearly all networked institutions today. However,
Firewall ACL management suffer some problems that need to be addressed in order to be …
Firewall ACL management suffer some problems that need to be addressed in order to be …
Directed security policies: A stateful network implementation
Large systems are commonly internetworked. A security policy describes the communication
relationship between the networked entities. The security policy defines rules, for example …
relationship between the networked entities. The security policy defines rules, for example …
Fast algorithms for local inconsistency detection in firewall acl updates
S Pozo, R Ceballos, RM Gasca… - … on Emerging Security …, 2008 - ieeexplore.ieee.org
Filtering is a very important issue in next generation networks. These networks consist of a
relatively high number of resource constrained devices with very special features, such as …
relatively high number of resource constrained devices with very special features, such as …
Classifying rules by in-out traffic direction to avoid security policy anomaly
SH Kim, HJ Lee - KSII Transactions on Internet and Information …, 2010 - koreascience.kr
The continuous growth of attacks in the Internet causes to generate a number of rules in
security devices such as Intrusion Prevention Systems, firewalls, etc. Policy anomalies in …
security devices such as Intrusion Prevention Systems, firewalls, etc. Policy anomalies in …
[PDF][PDF] 基于信息增益的防火墙过滤域排序优化①
王卫平, 王旭虓, 陈赫然, 陈家耀 - 计算机系统应用, 2009 - csa.org.cn
传统的防火墙从检测规则冲突和调整规则排序两方面来提高防火墙性能, 但效果都不是很理想.
本文从优化防火墙过滤域排序这样的一个新角度, 依据信息增益理论构造决策树 …
本文从优化防火墙过滤域排序这样的一个新角度, 依据信息增益理论构造决策树 …