期刊名称:International Journal of Innovative Research in Computer and Communication Engineering
印刷版ISSN:2320-9798
电子版ISSN:2320-9801
出版年度:2013
卷号:1
期号:3
出版社:S&S Publications
摘要:Security concerns are becoming increasingly critical innetworked systems. Firewalls provideimportant defense fornetwork security. Computer firewalls are widely used for security policy enforcement andaccess control. Current firewalls use various processing models and are configured using their own policydescription languages. However, misconfigurations in firewallsare very common and significantly weaken thedesired security. In this paper, a novel methodology called rule-based segmentation technique is proposed toidentify policy anomalies, which is articulated with a grid-based representation. It derives effective solutions toavoid anomalies by providing anintuitive cognitive sense about policy anomaly. The experiments shown that,the proposed approachcan efficiently discover and resolve anomalies in firewall policies.
