Research Article

An Implementation of Anomaly Detection Mechanism For Centralized and Distributed Firewalls

by Ms. Rupali Chaure
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 7 - Number 4
Year of Publication: 2010
Authors: Ms. Rupali Chaure
DOI: 10.5120/1154-1357

Ms. Rupali Chaure. An Implementation of Anomaly Detection Mechanism For Centralized and Distributed Firewalls. International Journal of Computer Applications. 7, 4 (September 2010), 5-8. DOI=10.5120/1154-1357

@article{ 10.5120/1154-1357,
author = { Ms. Rupali Chaure },
title = { An Implementation of Anomaly Detection Mechanism For Centralized and Distributed Firewalls },
journal = { International Journal of Computer Applications },
issue_date = { September 2010 },
volume = { 7 },
number = { 4 },
month = { September },
year = { 2010 },
issn = { 0975-8887 },
pages = { 5-8 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume7/number4/1154-1357/ },
doi = { 10.5120/1154-1357 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Due to the rapid growth of the Internet, the related security mechanisms are a key area of research. Firewalls serve as the solution for a secure Internet experience. The latest firewalls are fully equipped to provide high-end security to the network. However, due to the continuous growth of security threats, firewall mechanisms and policies must be kept updated. Manually detecting anomalies in a firewall is complex and often error-prone. Any minor change in the firewall's rule set requires rigorous analysis to maintain the consistency and efficiency of the firewall mechanism. Many data structures have been proposed for the detection and removal of anomalies so as to reduce the burden on the network administrator. In this paper I show the results of implementing a mechanism for anomaly detection in centralized and distributed firewall systems. This paper also discusses the design implementation of the irrelevance anomaly for intra firewalls. The mechanism is developed in VB.Net and SQL Server. The algorithm used in this paper purifies the firewall rule sets so that they are optimal and free from all known anomalies.

Index Terms

Computer Science
Information Sciences

Keywords

Anomaly Detection, Distributed Firewalls, firewall mechanisms