International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
Volume 116 - Issue 23 |
Published: April 2015 |
Authors: Ameya Hanamsagar, Bhagyashree Borate, Ninad Jane, Aditi Wasvand, Santosh Darade |
![]() |
Ameya Hanamsagar, Bhagyashree Borate, Ninad Jane, Aditi Wasvand, Santosh Darade . Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances. International Journal of Computer Applications. 116, 23 (April 2015), 7-13. DOI=10.5120/20497-2769
@article{ 10.5120/20497-2769, author = { Ameya Hanamsagar,Bhagyashree Borate,Ninad Jane,Aditi Wasvand,Santosh Darade }, title = { Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances }, journal = { International Journal of Computer Applications }, year = { 2015 }, volume = { 116 }, number = { 23 }, pages = { 7-13 }, doi = { 10.5120/20497-2769 }, publisher = { Foundation of Computer Science (FCS), NY, USA } }
%0 Journal Article %D 2015 %A Ameya Hanamsagar %A Bhagyashree Borate %A Ninad Jane %A Aditi Wasvand %A Santosh Darade %T Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances%T %J International Journal of Computer Applications %V 116 %N 23 %P 7-13 %R 10.5120/20497-2769 %I Foundation of Computer Science (FCS), NY, USA
With the advent of emerging technologies like cloud computing, the security of confidential data is of prime importance. Firewalls are widely used as the most basic security device used to protect a network from unauthorized access and network intrusions. Network Administrators define some rules to filter incoming and outgoing packets which form the security policy of the firewall. The large size of firewall policies create complex interactions between policies of the same firewall as well as between multiple firewalls. In this paper, we extend the currently known classification for firewall policy anomalies. Further, we propose a tool which obtains these rules from security devices in real-time environment, detects the anomalies present in them according to the underlying network topology and propagates the consistent rules with the consent of administrator. Currently, the tool can only be used with Cisco security devices; however, it can be extended to incorporate the syntax of other vendor's devices as well.