期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

防火墙规则配置错误分析及其检测算法 被引量:3

Analysis of firewall rule configuration mistakes and its detecting algorithm
下载PDF
导出
摘要 对防火墙规则配置过程中可能出现的错误进行了分析,介绍了防火墙规则配置错误的几种常见类型,给出了发现错误的算法,并针对不同的错误给出了相应的解决方案。 Possible mistakes in the configuration process were analyzed. Firstly, several familiar types of mistakes in configuration were introduced, and the algorithm which can find mistakes was put forward. And then relevant layouts against different mistakes were provided.
作者 王卫平 陈文惠
机构地区 中国科学技术大学管理学院
出处 《计算机应用》 CSCD 北大核心 2005年第10期2269-2271,共3页 journal of Computer Applications
关键词 防火墙 包过滤 规则冲突 算法 firewall packet filtering rule conflict algorithm
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献9

  • 1GOUDA M, LIU X. Firewall Design: Consistency, Completeness,and Compactness[ A]. Proceedings of the 24th IEEE International Conference on Distributed Computing Systems (ICDCS'04)[ C],March 2004.
  • 2Al-SHAER E, HAMED H. Management and translation of filtering security policies[ A]. IEEE International Conference on Communications[C], May 2003.
  • 3Al-SHAER E, HAMED H. Firewall policy advisor for anomaly detection and rule editing[ A]. IEEE/IFIP Integrated Management IM'2003[ C], March 2003.
  • 4Al-SHAER E, HAMED H. Design and Implementation of Firewall Policy Advisor Tools [ R]. Technical Report CTI-techrep0801,School of Computer Science Telecommunications and Information Systems, DePaul University, August 2002.
  • 5HARI B, SURI S, PARULKAR G. Detecting and Resolving Packet Filter Conflicts[A]. Proceedings of IEEE INFOCOM'2000[ C],March 2000.
  • 6BABOESCU F, VARGHESE G. Fast and scalable conflict detection for packet classifiers[ A]. Proceedings of the 10th IEEE International Conference on Network Protocols[C], 2002.
  • 7WANG D, HAO RB, LEE D. Fault Detection in Rule-Based Software Systems[ J]. Concordia Prestigious Workshop on Communication Software Engineering, Montréal, Canada, Sept. 2001. Extended version to appear in the International Journal of Information and Software Technology, Elsevier, 2003, (45): 865 -871.
  • 8WOOL A. A quantitative study of firewall configuration errors[ J].IEEE Computer Society, June 2004:62 -67.
  • 9HAN J, KAMBER M. Data Mining: Concepts and Techniques[ M].Morgan Kaufmann, 2000.

同被引文献33

  • 1高峰,许南山.防火墙包过滤规则问题的研究[J].计算机应用,2003,23(z1):311-312. 被引量:14
  • 2赵启斌,梁京章.防火墙过滤规则异常的研究[J].计算机工程,2005,31(12):158-160. 被引量:6
  • 3Bartal Y,Mayer A,Nissimy K,et al.Firmato:a novel firewall management toolkit [C]//Proc of 20th IEEE Sym on Security and Privacy, Oakland, CA, 1999 : 17-31.
  • 4Comeb D E.用TCP/IP进行网际互联第一卷:原理、协议与结构[M].4版.北京:电子工业出版社,2004.
  • 5Hinden R.RFC 2374 An IPv6 aggregatable global unieast address format[S]. 1998-07.
  • 6Hinden R.RFC2373 IP Version 6 addressing architecture[S].1998-07.
  • 7Deering S,Hinden R.RFC 2460 Intemet Protocol,Version 6(IPv6) Specification,lnternet Engineering Task Force[S].1998-12.
  • 8IEEE Computer Society.A quantitative study of firewall configuration errors[J].IEEE, 2004.
  • 9Hsu J M,Hsu C F,Huang C M.Design of an IPv6 SOHO router based on embedded linux system [C]//Proceedings of the 19th International Conference on Advanced Information Networking and Applications, IEEE, 2005.
  • 10Al Shaer E S,Hamed H H.Firewall policy advisor for anomaly discovery and role editing[J].IEEE, 2003.

引证文献3

二级引证文献9

计算机应用
2005年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部