
Automatic detection and correction of firewall misconfigurations- A formal approach

9 pages. Published: March 26, 2017

Abstract

Firewalls have been at the center of intense research in the last decade owing to the increase of malicious attacks on networks. Constant updating of the firewall configuration by modifying, adding and removing rules increases the complexity of the configuration, resulting in overlapping and often conflicting filtering rules. As a consequence, the set of filtering rules becomes unreliable and contains multiple misconfigurations, creating ambiguity in the classification of new traffic, which not only affects the performance of the firewall but also puts the system in a vulnerable position. Manual management of this problem can be overwhelming and potentially inaccurate. Therefore, there is a need for automated methods to analyze, detect and fix misconfigurations. The objective of our work is to propose (1) a new formal approach to discover effective firewall configuration errors, (2) an optimal and automatic method with the minimum number of operations to correct these misconfigurations in both centralized firewalls and firewalls in a distributed environment and (3) a tool that implements the proposed techniques and significantly helps users in discovering and resolving firewall misconfigurations.

Keyphrases: FDD, Firewall, Misconfiguration

In: Mohamed Mosbah and Michael Rusinowitch (editors). SCSS 2017. The 8th International Symposium on Symbolic Computation in Software Science 2017, vol 45, pages 68--76

BibTeX entry
@inproceedings{SCSS2017:Automatic_detection_and_correction,
  author    = {Amina Sa\^adaoui and Nihel Ben Youssef and Adel Bouhoula},
  title     = {Automatic detection and correction of firewall misconfigurations- A formal approach},
  booktitle = {SCSS 2017. The 8th International Symposium on Symbolic Computation in Software Science 2017},
  editor    = {Mohamed Mosbah and Michael Rusinowitch},
  series    = {EPiC Series in Computing},
  volume    = {45},
  pages     = {68--76},
  year      = {2017},
  publisher = {EasyChair},
  bibsource = {EasyChair, http://www.easychair.org},
  issn      = {2398-7340},
  url       = {https://easychair.org/publications/paper/lTh},
  doi       = {10.29007/jl3k}}