A Hierarchical Model for Firewall Policy Extraction

A
AINA
2009
2009 International Conference on Advanced Information Networking and Applications
Abstract - A Hierarchical Model for Firewall Policy Extraction

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Eduardo Horowitz Articles by Luis C. Lamb

2009 International Conference on Advanced Information Networking and Applications

Bradford, United Kingdom

May 26-May 29

ISBN: 978-0-7695-3638-5

	ASCII Text	x
	Eduardo Horowitz, Luis C. Lamb, "A Hierarchical Model for Firewall Policy Extraction," Advanced Information Networking and Applications, International Conference on, pp. 691-698, 2009 International Conference on Advanced Information Networking and Applications, 2009.

	BibTex	x
	@article{ 10.1109/AINA.2009.116, author = {Eduardo Horowitz and Luis C. Lamb}, title = {A Hierarchical Model for Firewall Policy Extraction}, journal ={Advanced Information Networking and Applications, International Conference on}, volume = {0}, year = {2009}, issn = {1550-445X}, pages = {691-698}, doi = {http://doi.ieeecomputersociety.org/10.1109/AINA.2009.116}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Advanced Information Networking and Applications, International Conference on TI - A Hierarchical Model for Firewall Policy Extraction SN - 1550-445X SP691 EP698 A1 - Eduardo Horowitz, A1 - Luis C. Lamb, PY - 2009 KW - Firewalls; Firewall Extraction Policies; Foundations of Computer Security VL - 0 JA - Advanced Information Networking and Applications, International Conference on ER -

Eduardo Horowitz

Luis C. Lamb

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/AINA.2009.116

Firewalls are one of the most widely used mechanisms against security threats in distributed andnetwork systems.However, principled methodologies for firewall extraction policies have been scarcely investigated so far.We introduce a new model for translating low level firewall rules into higher abstraction level rules which allow for the inference of firewall policies. In order to do so, we introduced a new methodology based on rules' decorrelation algorithms that compute hierarchical firewall policies from lower level firewall rules. Further, we define a new effective model for the explicit extraction of blacklisted and whitelisted hosts and networks.

Index Terms:

Firewalls; Firewall Extraction Policies; Foundations of Computer Security

Citation:

Eduardo Horowitz, Luis C. Lamb, "A Hierarchical Model for Firewall Policy Extraction," aina, pp.691-698, 2009 International Conference on Advanced Information Networking and Applications, 2009

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.