Journal articles

Detection of firewall configuration errors with updatable tree

Abstract: The fundamental goals of a security policy are to allow uninterrupted access to network resources for authenticated users and to deny access to unauthenticated users. For this purpose, firewalls are frequently deployed in networks of every size. However, bad configurations may cause serious security breaches and network vulnerabilities. In particular, conflicting filtering rules lead to blocking legitimate traffic and accepting unwanted packets. This troubles administrators who have to insert and delete filtering rules in a huge configuration file. We propose in this paper a quick method for managing a firewall configuration file. We represent the set of filtering rules by a firewall anomaly tree (FAT). An administrator can then update the FAT by inserting and deleting filtering rules. The FAT modification automatically reveals the anomalies that emerge and helps the administrator find the adequate position for a newly added filtering rule. All the algorithms presented in the paper have been implemented, and computer experiments show the usefulness of updating the FAT data structure in order to quickly detect anomalies when dealing with a huge firewall configuration file.
Cited literature: 32 references
Contributor: Michaël Rusinowitch
Submitted on: Saturday, May 28, 2016 - 2:39:06 PM
Last modification on: Friday, July 8, 2022 - 10:05:14 AM
Tarek Abbes, Adel Bouhoula, Michaël Rusinowitch. Detection of firewall configuration errors with updatable tree. International Journal of Information Security, 2016, 15 (3), pp.301-317. ⟨10.1007/s10207-015-0290-0⟩. ⟨hal-01320646⟩