, An inference system for detecting firewall filtering rules anomalies, Proceedings of the 2008 ACM symposium on Applied computing , SAC '08, pp.2122-2128, 2008.
DOI : 10.1145/1363686.1364197
URL : https://hal.archives-ouvertes.fr/inria-00329730
, Modeling and Management of Firewall Policies, IEEE Transactions on Network and Service Management, vol.1, issue.1, pp.2-10, 2004.
DOI : 10.1109/TNSM.2004.4623689
, Taxonomy of conflicts in network security policies, IEEE Communications Magazine, vol.44, issue.3, pp.134-141, 2006.
, Firewall policy advisor for anomaly discovery and rule editing, Proceedings of IFIP/IEEE Eighth International Symposium on Integrated Network Management, pp.17-30, 2003.
, Discovery of policy anomalies in distributed firewalls, Proceedings of IEEE INFOCOMM, pp.2605-2616, 2004.
, Complete analysis of configuration rules to guarantee reliable network security policies, International Journal of Information Security, vol.29, issue.2, pp.103-122, 2008.
DOI : 10.1007/s10207-007-0045-7
URL : https://hal.archives-ouvertes.fr/hal-01207771
, Fast and scalable conflict detection for packet classifiers, Proceedings of the 10th IEEE International Conference on Network Protocols, ICNP '02, pp.270-279, 2002.
, Network-Level Access Control Policy Analysis and Transformation, IEEE/ACM Transactions on Networking, vol.20, issue.4, pp.985-998, 2012.
DOI : 10.1109/TNET.2011.2178431
, Automatic conformance verification of distributed firewalls to security requirements, Proceedings of the 2010 IEEE Second International Conference on Social Computing, SOCIALCOM '10, pp.834-841, 2010.
, Automatic verification of conformance of firewall configurations to security policies, Proceedings of the 14th IEEE Symposium on Computers and Communications, pp.526-531, 2009.
, Conficker worm targets microsoft windows systems, 2003.
, Trojan list sorted on trojan port
, Internet packet filter management and rectangle geometry, Proceedings of the twelfth annual ACM-SIAM symposium on Discrete algorithms, pp.827-835, 2001.
, An expert system for analyzing firewall rules, Proceedings of the 6th Nordic Workshop on Secure IT Systems, pp.100-107, 2001.
, Detection and removal of firewall misconfiguration, Proceedings of the International Conference on Communication , Network and Information Security, IASTED'05, pp.154-162, 2005.
, Misconfiguration management of network security components, Proceedings of the 7th International Symposium on System and Information Security, pp.154-162, 2005.
, Automatic Conflict Analysis and Resolution of Traffic Filtering Policy for Firewall and Security Gateway, 2007 IEEE International Conference on Communications, pp.1304-1310, 2007.
DOI : 10.1109/ICC.2007.220
, MIRAGE: A Management Tool for the Analysis and Deployment of Network Security Policies, Proceedings of the 5th international Workshop on data privacy management , and 3rd international conference on Autonomous spontaneous security, pp.203-215, 2011.
DOI : 10.1109/2.485845
URL : https://hal.archives-ouvertes.fr/hal-00623634
, A Model of Stateful Firewalls and Its Properties, 2005 International Conference on Dependable Systems and Networks (DSN'05), pp.128-137, 2005.
DOI : 10.1109/DSN.2005.9
, Firewall design: consistency, completeness, and compactness, 24th International Conference on Distributed Computing Systems, 2004. Proceedings., pp.320-327, 2004.
DOI : 10.1109/ICDCS.2004.1281597
, Algorithms for packet classification, IEEE Network, vol.15, issue.2, pp.24-32, 2001.
DOI : 10.1109/65.912717
, Detecting and Resolving Firewall Policy Anomalies, IEEE Transactions on Dependable and Secure Computing, vol.9, issue.3, pp.318-331, 2012.
DOI : 10.1109/TDSC.2012.20
, Model checking firewall policy configurations, Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY '09, pp.60-67, 2009.
, Firewall policy queries, IEEE Transactions on Parallel and Distributed Systems, vol.20, issue.6, pp.766-777, 2009.
, The spread of the sapphire/slammer worm, 2003.
, ACLA: A Framework for Access Control List (ACL) Analysis and Optimization, Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security Issues of the New Century, p.4, 2001.
DOI : 10.1007/978-0-387-35413-2_18
, Analyzing and resolving anomalies in firewall security policies based on propositional logic, 2009 IEEE 13th International Multitopic Conference, pp.1-7, 2009.
DOI : 10.1109/INMIC.2009.5383125
, Web Security Sourcebook, EDPACS, vol.25, issue.8, 1997.
DOI : 10.1201/1079/43236.25.8.19980201/30191.7
, Biersack and W. Dabbous Survey and taxonomy of IP address lookup algorithms, Journal IEEE Network: The Magazine of Global Internetworking, pp.8-23, 2001.
, Fast address lookups using controlled prefix expansion, ACM Transactions on Computer Systems, vol.17, issue.1, pp.1-40, 1999.
DOI : 10.1145/296502.296503
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.14.3830
, A topological approach to detect conflicts in firewall policies, 2009 IEEE International Symposium on Parallel & Distributed Processing, pp.1-7, 2009.
DOI : 10.1109/IPDPS.2009.5161245
, Fireman: A toolkit for firewall modeling and analysis, Proceedings of the IEEE Symposium on Security and Privacy, SP '06, pp.199-213, 2006.