DocumentCode
3387161
Title
Handling Anomalies in Distributed Firewalls
Author
Bouhoula, Adel ; Trabelsi, Zouheir
Author_Institution
Ecole Supérieure des Communications de Tunis, Cité Technologique des Communications, Route de Raoued Km 3,5 - 2083 Cité El Ghazala, Tunisia. Email: bouhoula@planet.tn
fYear
2006
fDate
Nov. 2006
Firstpage
1
Lastpage
5
Abstract
Distributed Firewalls filter the incoming and outgoing network traffic based on a set of predefined filtering rules. The filtering rules have to be well defined and coherent in order to guarantee the desired responses of the Firewalls. In this paper, we propose an inference system for detecting all anomalies that could exist in a multi-Firewall network environment. Three classes of anomalies are described, namely the Redundancy, Locking and Incoherence anomalies. Then, we give an example of a common network architecture with the corresponding filtering policy. The example demonstrates how anomalies can be easily detected using the proposed inference model. Related works are discussed, and it is demonstrated that the proposed inference model is simpler and more general than related models.
Keywords
Communications technology; Computer networks; Electronic mail; Filtering; Filters; Network servers; Protocols; Telecommunication traffic; Anomalies; Distributed Firewall; Filtering rules; Inference system; Security policy;
fLanguage
English
Publisher
ieee
Conference_Titel
Innovations in Information Technology, 2006
Conference_Location
Dubai, United Arab Emirates
Print_ISBN
1-4244-0674-9
Electronic_ISBN
1-4244-0674-9
Type
conf
DOI
10.1109/INNOVATIONS.2006.301921
Filename
4085436