Firewall Rule Set Inconsistency Characterization by Clustering

Sergio Pozo; Rafael Ceballos; Rafael M. Gasca

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Firewall Rule Set Inconsistency Characterization by Clustering

In Proceedings of the 6th International Workshop on Security in Information Systems - Volume 0ICEIS, 138-144, 2008 , Barcelona, Spain

Authors: Sergio Pozo ; Rafael Ceballos and Rafael M. Gasca

Affiliation: ETS Ingeniería Informática, University of Seville, Spain

Abstract: Firewall ACLs could have inconsistencies, allowing traffic that should be denied or vice-versa. In this paper, we analyze the inconsistency characterization problem as a separate problem of the diagnosis one, and propose definitions to characterize one-to-many inconsistencies. We identify the combinatorial part of the problem that causes exponential complexity in combined diagnosis and characterization algorithms proposed by other researchers. The problem is divided in several smaller combinatorial ones, which effectively reduces its complexity. Finally, we propose a heuristic to solve the problem in worst case polynomial time as a proof of concept.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.146.107.144

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Pozo, S.; Ceballos, R. and M. Gasca, R. (2008). Firewall Rule Set Inconsistency Characterization by Clustering. In Proceedings of the 6th International Workshop on Security in Information Systems (ICEIS 2008) - WOSIS; ISBN 978-989-8111-44-9, SciTePress, pages 138-144. DOI: 10.5220/0001730701380144

@conference{wosis08,
author={Sergio Pozo. and Rafael Ceballos. and Rafael {M. Gasca}.},
title={Firewall Rule Set Inconsistency Characterization by Clustering},
booktitle={Proceedings of the 6th International Workshop on Security in Information Systems (ICEIS 2008) - WOSIS},
year={2008},
pages={138-144},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001730701380144},
isbn={978-989-8111-44-9},
}

TY - CONF

JO - Proceedings of the 6th International Workshop on Security in Information Systems (ICEIS 2008) - WOSIS
TI - Firewall Rule Set Inconsistency Characterization by Clustering
SN - 978-989-8111-44-9
AU - Pozo, S.
AU - Ceballos, R.
AU - M. Gasca, R.
PY - 2008
SP - 138
EP - 144
DO - 10.5220/0001730701380144
PB - SciTePress