An Optimized Firewall Anomaly Resolution

Firewalls are a key mechanism in cybersecurity and have been widely used to ensure network security. Several works in the literature address the management of firewall rules; however, correct firewall configuration still remains a complex and error-prone task. Anomalies among firewall rules can cause severe network breaches, such as allowing harmful packets to slip into a subnetwork or dropping legitimate traffic, which in turn can hinder the availability of web services. This paper aims to help network security administrators by introducing a formal approach that reduces the number of anomalies in firewall configurations that administrators are usually obliged to solve manually.
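The kinds of inter-rule anomaly the abstract refers to (a later rule fully covered by an earlier one with a different action, a rule that can never be the first match, two partially overlapping rules with conflicting actions) can be found by pairwise comparison of rule match spaces under first-match semantics. The following is an added example, not code from the paper or its authors: the rule encoding (protocol, source and destination prefixes, destination port range, action), the five rules and the rule names are constructed for the demonstration, and the anomaly class names follow the shadowing / redundancy / generalization / correlation vocabulary used in the firewall-analysis literature rather than the paper's own formalism.

```python
"""Pairwise firewall rule anomaly detection under first-match semantics.

Added demonstration code (not from the paper). Rule layout and the sample
rule set below are constructed assumptions for the example.
"""
from dataclasses import dataclass
from ipaddress import ip_network, IPv4Network


@dataclass(frozen=True)
class Rule:
    name: str
    proto: str            # "tcp", "udp" or "any"
    src: IPv4Network
    dst: IPv4Network
    dport: tuple          # inclusive (low, high) destination port range
    action: str           # "allow" or "deny"


def rule(name, proto, src, dst, lo, hi, action):
    return Rule(name, proto, ip_network(src), ip_network(dst), (lo, hi), action)


def _relation_net(a, b):
    """'subset' if a is inside b, else 'overlap' or 'disjoint'."""
    if a.subnet_of(b):
        return "subset"
    return "overlap" if a.overlaps(b) else "disjoint"


def _relation_ports(a, b):
    if a[0] >= b[0] and a[1] <= b[1]:
        return "subset"
    return "overlap" if a[0] <= b[1] and b[0] <= a[1] else "disjoint"


def _relation_proto(a, b):
    if b == "any" or a == b:
        return "subset"
    return "overlap" if a == "any" else "disjoint"


def relation(ry, rx):
    """Relation of ry's match space to rx's: 'subset', 'disjoint' or 'overlap'.

    'overlap' covers both partial overlap and ry being a strict superset of rx;
    callers that need the superset case test relation(rx, ry) == "subset".
    """
    rels = (_relation_proto(ry.proto, rx.proto),
            _relation_net(ry.src, rx.src),
            _relation_net(ry.dst, rx.dst),
            _relation_ports(ry.dport, rx.dport))
    if "disjoint" in rels:
        return "disjoint"
    return "subset" if all(r == "subset" for r in rels) else "overlap"


def find_anomalies(rules):
    """Compare every later rule ry against each earlier rule rx.

    Returns (kind, earlier_rule, later_rule) triples. A later rule that is a
    subset of an earlier one with the same action is never needed
    (redundancy); with a different action it is never reached (shadowing).
    A later, more general rule with a different action is a generalization
    (usually intentional); partial overlap with different actions is a
    correlation and needs a human decision on which action was intended.
    """
    findings = []
    for i, rx in enumerate(rules):
        for ry in rules[i + 1:]:
            fwd = relation(ry, rx)
            if fwd == "subset":
                kind = "redundancy" if ry.action == rx.action else "shadowing"
            elif relation(rx, ry) == "subset":
                if ry.action == rx.action:
                    continue      # specific rule followed by a wider twin: not flagged here
                kind = "generalization"
            elif fwd == "overlap" and ry.action != rx.action:
                kind = "correlation"
            else:
                continue
            findings.append((kind, rx.name, ry.name))
    return findings


def remove_unreachable(rules):
    """Behaviour-preserving resolution: drop every rule fully covered by an earlier one.

    Such a rule can never be the first match, so removing it does not change
    which packets are allowed or denied. Shadowing is still reported by
    find_anomalies so the administrator can check which action was intended.
    """
    kept = []
    for r in rules:
        if any(relation(r, k) == "subset" for k in kept):
            continue
        kept.append(r)
    return kept


# Constructed sample rule set (first-match order).
RULES = [
    rule("R1", "tcp", "10.0.0.0/24", "192.168.1.10/32", 80, 80, "allow"),
    rule("R2", "tcp", "10.0.0.0/16", "192.168.1.0/24", 80, 443, "deny"),
    rule("R3", "tcp", "10.0.0.5/32", "192.168.1.10/32", 80, 80, "deny"),
    rule("R4", "udp", "0.0.0.0/0", "0.0.0.0/0", 53, 53, "allow"),
    rule("R5", "tcp", "10.0.1.0/24", "192.168.0.0/16", 443, 443, "allow"),
]

if __name__ == "__main__":
    for kind, earlier, later in find_anomalies(RULES):
        print(f"{kind:14s} {later} against earlier {earlier}")
    print("kept after removing unreachable rules:",
          [r.name for r in remove_unreachable(RULES)])
```

On the constructed set, R3 is shadowed by R1 (a deny that never fires because the broader allow precedes it) and is also redundant to R2, R2 generalizes R1, and R5 correlates with R2. Only the unreachable rule R3 is removed automatically; the other findings stay in the report because resolving them means deciding which action the administrator actually intended, which is exactly the manual work the paper aims to reduce.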
