Handling Stateful Firewall Anomalies

Frédéric Cuppens 1, 2 Nora Cuppens-Boulahia 1, 2 Joaquin Garcia Alfaro 1 Tarik Moataz 1 Xavier Rimasson 1
2 Lab-STICC_TB_CID_SFIIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : A security policy consists of a set of rules designed to protect an information system. To ensure this protection, the rules must be deployed on security components in a consistent and non-redundant manner. Unfortunately, an empirical approach is often adopted by network administrators, to the detriment of theoretical validation. While the literature on the analysis of configurations of first generation (stateless) firewalls is now rich, this is not the case for second and third generation firewalls, also known as stateful firewalls. In this paper, we address this limitation, and provide solutions to analyze and handle stateful firewall anomalies and misconfiguration.
Document type :
Conference papers
Dimitris Gritzalis; Steven Furnell ; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.174-186, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_15〉
Liste complète des métadonnées

Cited literature [20 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-00737170
Contributor : Bibliothèque Télécom Bretagne <>
Submitted on : Monday, October 1, 2012 - 1:44:58 PM
Last modification on : Friday, November 24, 2017 - 3:34:39 PM
Document(s) archivé(s) le : Friday, December 16, 2016 - 7:00:41 PM

File

sec12-preprint.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Frédéric Cuppens, Nora Cuppens-Boulahia, Joaquin Garcia Alfaro, Tarik Moataz, Xavier Rimasson. Handling Stateful Firewall Anomalies. Dimitris Gritzalis; Steven Furnell ; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.174-186, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_15〉. 〈hal-00737170〉

Share

Metrics

Record views

504

Files downloads

233