Title :
Handling Anomalies in Distributed Firewalls
Author :
Bouhoula, Adel ; Trabelsi, Zouheir
Author_Institution :
Ecole Supérieure des Communications de Tunis, Cité Technologique des Communications, Route de Raoued Km 3,5 - 2083 Cité El Ghazala, Tunisia. Email: bouhoula@planet.tn
Abstract :
Distributed Firewalls filter the incoming and outgoing network traffic based on a set of predefined filtering rules. The filtering rules have to be well defined and coherent in order to guarantee the desired responses of the Firewalls. In this paper, we propose an inference system for detecting all anomalies that could exist in a multi-Firewall network environment. Three classes of anomalies are described, namely, the Redundancy, Locking and Incoherence anomalies. Then, we give an example of common network architecture with the corresponding filtering policy. The example demonstrates how anomalies can be easily detected using the proposed inference model. Related works are discussed; and it will be demonstrated that the proposed inference model is more simple and general than related models.
Keywords :
Communications technology; Computer networks; Electronic mail; Filtering; Filters; Network servers; Protocols; Telecommunication traffic; Anomalies; Distributed Firewall; Filtering rules; Inference system; Security policy;
Conference_Titel :
Innovations in Information Technology, 2006
Conference_Location :
Dubai, United Arab Emirates
Print_ISBN :
1-4244-0674-9
Electronic_ISBN :
1-4244-0674-9
DOI :
10.1109/INNOVATIONS.2006.301921
