论文信息 - Resolving Cross Domain Firewall Policy Anomalies

Resolving Cross Domain Firewall Policy Anomalies

For last few years, Firewall usage with regard to protected network emails is important. Its ability to process inbound and confident bundle moves and accept or eliminate those bundle in accordance with the processing is what keeps this systems and networks protected. But considering a vast organization’s protection needs with regard to firewall program guidelines, typical home solutions won't be sufficient because such organizations are compounds of different subnets which require comfort during plan quality. The key technical restriction is that firewall program guidelines cannot be shared across different websites for easier control because a firewall program plan might include important info and this might be a potential protection cycle hole that can be utilized by harmful users. Although largest rule calculations methods help to some extent they are unsuccessful of performance in accordance with the presence of NAT (Network Address Translation) device across different subnets (domains). So here recommend improving the current solution with a quality decision tree classifier criteria applied at routers for achieving the comfort maintained firewall program plan abnormality solutions with regard to repetitive rules control. So it involves wireless router extension

[1] Alex X. Liu,et al. Cross-Domain Privacy-Preserving Cooperative Firewall Optimization , 2013, IEEE/ACM Transactions on Networking.

[2] Mohamed G. Gouda,et al. Complete Redundancy Removal for Packet Classifiers in TCAMs , 2010, IEEE Trans. Parallel Distributed Syst..

[3] Hong Shen,et al. Efficient and secure protocols for privacy-preserving set operations , 2009, TSEC.

[4] Carsten Lund,et al. Modeling and understanding end-to-end class of service policies in operational networks , 2009, SIGCOMM '09.

[5] Chad R. Meiners,et al. All-Match Based Complete Redundancy Removal for Packet Classifiers in TCAMs , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[6] Eric Torng,et al. TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs , 2007, 2007 IEEE International Conference on Network Protocols.

[7] Jia Wang,et al. Packet classifiers in ternary CAMs can be smaller , 2006, SIGMETRICS '06/Performance '06.

[8] Vitaly Shmatikov,et al. Privacy-Preserving Graph Algorithms in the Semi-honest Model , 2005, ASIACRYPT.

[9] Avishai Wool,et al. A quantitative study of firewall configuration errors , 2004, Computer.

[10] Ehab Al-Shaer,et al. Discovery of policy anomalies in distributed firewalls , 2004, IEEE INFOCOM 2004.

[11] George Varghese,et al. Packet classification using multidimensional cutting , 2003, SIGCOMM '03.