Audit and Processing of Anormaly Firewall Rules
- 10.2991/lemcs-15.2015.74How to use a DOI?
- Firewall; Rule set; Anormaly; Audit; Policy tree
1. Objectiv Firewall rules configuration has been the focus of network security research and this paper studies and improves the firewall rule audit method to improve the matching efficiency of firewall rules. 2. Method: This paper makes a detailed study of the relationship between firewall rules, and explain them by the concept of the collection, then summarizes anormaly conflicts, then the rule of the firewall is optimized by using statistical algorithm. 3. Results: This paper designs the hierarchical audit structure, simplifies the audit work, and applies the policy tree algorithm to audit the rule set of the firewall. At last, the model of the different anomaly is given. 4. Conclusion: The 7 anormalies in the experimental rule set are all discoveried, and the average matching times is reduced from 4.624 to 3.544.
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Bo Cao AU - Fei Gao AU - Zheng Yu PY - 2015/07 DA - 2015/07 TI - Audit and Processing of Anormaly Firewall Rules BT - Proceedings of the International Conference on Logistics, Engineering, Management and Computer Science PB - Atlantis Press SP - 380 EP - 385 SN - 1951-6851 UR - https://doi.org/10.2991/lemcs-15.2015.74 DO - 10.2991/lemcs-15.2015.74 ID - Cao2015/07 ER -