摘要
分析了分布式防火墙(DFW)规则异常产生的原因,定义了规则的四种相关性:完全无关、完全匹配、包含匹配、部分相关,然后对四种类型规则异常进行了规范的定义,包括阴影异常、虚假异常、冗余异常和关联异常,并运用基于XML的规则模型设计了基于XML的异常规则发现算法。通过FPA软件实现了本算法,对查全率和性能进行了分析。
Confliction between rules is an important factor influenting the capabilities of distributed firewall (DFW). The reasons causing abnormal rules of DFW is analyzed, and the four correlations including complete independence, exact matching, inclusive matching, and part correlation are defined. The four types of abnormal rules are normalized as shadow anomaly, spurous anomaly, redundant anomaly and correlate anomaly. An abnormal rules discovery algorithm based on XML is designed. The algorithm is implemented by FPA, and its performance is discussed.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第11期261-264,共4页
Computer Applications and Software
