Research Article

Firewall Anomaly Management: A survey

by Ameya Hanamsagar, Ninad Jane, Bhagyashree Borate, Aditi Wasvand, S.a. Darade
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 105 - Number 18
Year of Publication: 2014
DOI: 10.5120/18474-9363

Ameya Hanamsagar, Ninad Jane, Bhagyashree Borate, Aditi Wasvand, S.a. Darade. Firewall Anomaly Management: A survey. International Journal of Computer Applications. 105, 18 (November 2014), 1-5. DOI=10.5120/18474-9363

@article{ 10.5120/18474-9363,
author = { Ameya Hanamsagar, Ninad Jane, Bhagyashree Borate, Aditi Wasvand, S.a. Darade },
title = { Firewall Anomaly Management: A survey },
journal = { International Journal of Computer Applications },
issue_date = { November 2014 },
volume = { 105 },
number = { 18 },
month = { November },
year = { 2014 },
issn = { 0975-8887 },
pages = { 1-5 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume105/number18/18474-9363/ },
doi = { 10.5120/18474-9363 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

A firewall secures a private network from intrusions originating in other networks. The firewall has ACLs (Access Control Lists) that contain rules used to allow or deny incoming traffic. These rules form the security policy of the firewall. The large size and complexity of modern networks result in large and complex firewall policies. Designing policies for a network of firewalls is a difficult task, as a number of cases have to be taken into consideration for access control. Also, a network administrator may want to update the policies in order to replace them with new ones. The process of updating firewall policies is difficult and error-prone. In this paper, we provide a structured and comprehensive overview of various techniques for firewall anomaly detection. We briefly describe and compare various known algorithms and tools used to detect and/or resolve firewall anomalies.

Index Terms

Computer Science
Information Sciences

Keywords

firewalls ACL rules anomaly Firewall Policy Policy conflicts