Detailed Information

Cited 0 time in webofscience Cited 0 time in scopus
Metadata Downloads

Classifying Rules by In-out Traffic Direction to Avoid Security Policy Anomaly

Authors
Kim, SunghyunLee, Heejo
Issue Date
27-8월-2010
Publisher
KSII-KOR SOC INTERNET INFORMATION
Keywords
Firewall; security policy; policy anomalies; network security; ACL
Citation
KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.4, no.4, pp.671 - 690
Indexed
SCIE
SCOPUS
KCI
OTHER
Journal Title
KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS
Volume
4
Number
4
Start Page
671
End Page
690
URI
https://scholar.korea.ac.kr/handle/2021.sw.korea/115858
DOI
10.3837/tiis.2010.08.013
ISSN
1976-7277
Abstract
The continuous growth of attacks in the Internet causes to generate a number of rules in security devices such as Intrusion Prevention Systems, firewalls, etc. Policy anomalies in security devices create security holes and prevent the system from determining quickly whether allow or deny a packet. Policy anomalies exist among the rules in multiple security devices as well as in a single security device. The solution for policy anomalies requires complex and complicated algorithms. In this paper, we propose a new method to remove policy anomalies in a single security device and avoid policy anomalies among the rules in distributed security devices. The proposed method classifies rules according to traffic direction and checks policy anomalies in each device. It is unnecessary to compare the rules for outgoing traffic with the rules for incoming traffic. Therefore, classifying rules by in-out traffic, the proposed method can reduce the number of rules to be compared up to a half. Instead of detecting policy anomalies in distributed security devices, one adopts the rules from others for avoiding anomaly. After removing policy anomalies in each device, other firewalls can keep the policy consistency without anomalies by adopting the rules of a trusted firewall. In addition, it blocks unnecessary traffic because a source side sends as much traffic as the destination side accepts. Also we explain another policy anomaly which can be found under a connection-oriented communication protocol.
Files in This Item
There are no files associated with this item.
Appears in
Collections
Graduate School > Department of Computer Science and Engineering > 1. Journal Articles

qrcode

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Researcher Lee, Hee jo photo

Lee, Hee jo
컴퓨터학과
Read more

Altmetrics

Total Views & Downloads

BROWSE