2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA) (2009)
Bradford, United Kingdom
May 26, 2009 to May 29, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/AINA.2009.116
Firewalls are one of the most widely used mechanisms against security threats in distributed andnetwork systems.However, principled methodologies for firewall extraction policies have been scarcely investigated so far.We introduce a new model for translating low level firewall rules into higher abstraction level rules which allow for the inference of firewall policies. In order to do so, we introduced a new methodology based on rules' decorrelation algorithms that compute hierarchical firewall policies from lower level firewall rules. Further, we define a new effective model for the explicit extraction of blacklisted and whitelisted hosts and networks.
Firewalls; Firewall Extraction Policies; Foundations of Computer Security
Eduardo Horowitz, Luis C. Lamb, "A Hierarchical Model for Firewall Policy Extraction", 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), vol. 00, no. , pp. 691-698, 2009, doi:10.1109/AINA.2009.116