一种分布式防火墙过滤策略的异常检测模型被引量：3

Model for discovering anomalies of distribute firewall filtering policy

下载PDF

导出

摘要分布式防火墙的安全性很大程度上取决于过滤策略正确配置。过滤策略的异常可能导致分布式防火墙系统所保护的网络出现严重的访问漏洞。为了能够自动化地检测分布式防火墙过滤策略存在的异常,对分布式防火墙系统中各过滤节点上的过滤规则之间可能出现的异常进行分类,并建立了一个过滤策略异常检测的模型。该模型能够检测出分布式防火墙过滤规则之间的冗余、冲突、不完整等各种异常,从而保证了分布式防火墙过滤策略的完整性和一致性。 The security of the distribute firewall lies deeply on the correct configuration of filtering policy. The anomalies of the filtering policy will result in fateful access vulnerability of the network protected by the distribute firewall system. In order to discovery the anomalies of the distribute firewall filtering policy automatically, the possible anomalies among the rules of all filtering nodes of the distribute firewall system is classified and defined, and a model for discovering anomalies of distribute firewall filtering policy is made. With this model, all kinds of anomalies such as redundancy anomaly, conflict anomaly and incomplete anomaly among the filtering rules of the distribute firewall is discovered to ensure the integrality and consistency of the filtering policy.

作者荀宝铖罗军勇

机构地区解放军信息工程大学信息工程学院网络工程系

出处《计算机工程与设计》 CSCD 北大核心 2006年第22期4201-4203,4206,共4页 Computer Engineering and Design

基金国家863高技术研究发展计划基金项目(2003AA146010)

关键词分布式防火墙过滤策略异常检测过滤结点过滤规则 distribute firewall filtering policy anomaly discovering filtering node filtering rule

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献14

1Bellovin S M.Distributed firewalls[C].Login:Magazine,Special Issue on Security,1999.37-39.
2Robert Stepanek.Distribute firewall[C].Seminar on Network,Security Telecommunications Software and Multimedia Laboratory,2001.
3Woo T.A modular approach to packet classification:Algorithms and results[C].Proceedings of IEEE INFOCOM'00,2000.
4Cobb S.ICSA firewall policy guide v2.0[M].NCSA Security White Paper Series,1997.
5Hazelhusrt S.Algorithms for analyzing firewall and router access lists[R].South Africa:Technical Report TRWitsCS-1999,Department of Computer Science,University of theWitwatersrand,1999.
6Fu Z,Wu F,Huang H,et al.IPSec/VPN security policy:Correctness,conflict detection and resolution[C].Proceedings of Policy 2001 Workshop,2001.
7Al-Shaer E,Hamed H.Design and implementation of firewall policy advisor tools[R].TechnicalReport CTI-techrep0801,School of Computer Science Telecommunications and Information Systems,DePaul University,2002.
8Al-Shaer E,Hamed H.Firewall policy advisor for anomaly detection and rule editing[C].IEEE/IFIP Integrated Management IM,2003.
9Al-Shaer E,Hamed H.Management and translation of filtering security policies[C].IEEE International Conference on Communications,2003.
10Hari B,Suri S,Parulkar G.Detecting and resolving packet filter conflicts[C].Proceedings of IEEE INFOCOM'00,2000.

同被引文献21

1蒋康丽,熊齐邦.策略网管中规则冲突检测算法的研究[J].计算机工程与设计,2005,26(1):79-81. 被引量：4
2A1-Shaer E, E1-Atawy A, Samak T. Automated pseudo-live testing of firewall configuration enforcement [J]. Network In- frastructureConfiguration, 2009, 27 (3):302-314.
3Senn D, Basin D, Caronni G. Firewall conformance testing [C]. TestCom, 2005: 226-241.
4Kiesel S, Scharf M. Modeling and performance evaluation of transport protocols for firewall control [J]. Computer Net- work, 2007, 51 (11): 3232-3251.
5Brucker A D, Brtigger L, Kearney P, et al. Verified firewall policy transformations for test case generation [C]. Third In- ternational Conference on Software Testing, Verification and Validation, 2010: 345-354.
6Tuglular T, Kaya O, Muftuoglu A, et al. Directed acyclic graph modeling of security policies for firewall testing [C]. Proceedings of SSIRI, 2009: 393-398.
7Alex X L. Firewall policy verification and trouble shooting [J]. Computer Networks, 2009, 53 (16): 2800-2809.
8Winding R, Wright T, Chapple M. System anomaly detec- tion., mining firewall logs[C]. Proceedings of the Securecomm and Workshops. IEEE Computer Society, 2006 : 1-5.
9Stanford P J, Parish D J, Stanford J M. Detecting security threats in the network core using data mining techniques [C]. Network Operations and Management Symposium, 2006: 1-4.
10Golnabi K, Min R K, Khan L, et al. Analysis of firewall policy rules using data mining techniques [C]. Proceedings of the 10th IEEE/IFIP Symposium on Network Operation and Management, 2006: 305-315.

引证文献3

1余文卫,王永吉.基于Snort规则库的冲突检测[J].计算机工程与设计,2008,29(3):576-579. 被引量：1
2陈铮,连一峰,张海霞.基于日志挖掘的防火墙安全测评方法[J].计算机工程与设计,2012,33(1):66-73.
3胡金媛,陈意翔.分布式防火墙过滤规则的分类与异常检测[J].教育技术导刊,2008(2):92-94.

二级引证文献1

1陈翠云,梁华庆.基于蜜罐提升Snort检测能力的设计[J].电子设计工程,2016,24(4):48-51. 被引量：7

1胡金媛,陈意翔.分布式防火墙过滤规则的分类与异常检测[J].教育技术导刊,2008(2):92-94.
2王薇,杨鑫坤.分布式防火墙系统的研究与实现[J].中国科技信息,2006(6):162-164.
3张立颖.内部网络安全中防火墙系统的改进[J].电脑学习,2008(4):30-31.
4伍长荣.分布式防火墙系统在校园网中的应用[J].福建电脑,2004,20(1):50-51. 被引量：2
5饶泓,陈炼,闻淑芳.一种新型的分布式防火墙系统[J].南昌大学学报（理科版）,2002,26(3):282-284. 被引量：1
6彭倩岚,李之棠.分布式防火墙系统的安全机制设计[J].计算机工程与科学,2003,25(2):11-15. 被引量：7
7刘洁宇,任新华.分布式防火墙系统中主机防火墙的设计与实现[J].山西电子技术,2008(3):72-74. 被引量：3
8李宏伟,杨寿保,任安西,黄梅荪.基于入侵检测的分布式防火墙系统[J].计算机工程,2005,31(3):149-151. 被引量：2
9张昱,曹元大.分布式防火墙系统中主机防火墙的安全问题[J].内蒙古农业大学学报（自然科学版）,2003,24(3):75-79.
10盛红岩.基于Kerberos协议的分布式防火墙系统的研究[J].电脑知识与技术,2007(9):1249-1250.

计算机工程与设计

2006年第22期

浏览历史

内容加载中请稍等...

一种分布式防火墙过滤策略的异常检测模型被引量：3

参考文献14

同被引文献21

引证文献3

二级引证文献1

相关作者

相关机构

相关主题

浏览历史

一种分布式防火墙过滤策略的异常检测模型 被引量：3

参考文献14

同被引文献21

引证文献3

二级引证文献1

相关作者

相关机构

相关主题

浏览历史

一种分布式防火墙过滤策略的异常检测模型被引量：3