A formal model of network policy analysis

2015 IEEE 1st International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI) Pub Date : 2015-11-12 DOI:10.1109/RTSI.2015.7325150

Fulvio Valenza, Serena Spinoso, C. Basile, R. Sisto, A. Lioy

{"title":"A formal model of network policy analysis","authors":"Fulvio Valenza, Serena Spinoso, C. Basile, R. Sisto, A. Lioy","doi":"10.1109/RTSI.2015.7325150","DOIUrl":null,"url":null,"abstract":"The complexity of network topology together with heterogeneity of network services make the network configuration a hard task, even for skilled and experienced administrators. In order to reduce the complexity of the network configuration, administrators have leveraged network policies, introducing hence new possibility of error. Indeed, erroneous and unexpected network behaviour (e.g., security flaws) can derive from the wrong network policy definition, but also from the possible anomalies among policies of different domains. This paper presents a formal model for detecting inter- and intra-domain policy anomalies. Policy anomalies allow administrators to identify all the network behaviours they consider erroneous or to be monitored. To validate the generality of the proposed solution, the model has been applied to three policy domains (packet filtering, communication protection and service function chaining) and the impact of an anomaly detection analysis was tested in different sized networks.","PeriodicalId":187166,"journal":{"name":"2015 IEEE 1st International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 1st International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RTSI.2015.7325150","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 19

Abstract

The complexity of network topology together with heterogeneity of network services make the network configuration a hard task, even for skilled and experienced administrators. In order to reduce the complexity of the network configuration, administrators have leveraged network policies, introducing hence new possibility of error. Indeed, erroneous and unexpected network behaviour (e.g., security flaws) can derive from the wrong network policy definition, but also from the possible anomalies among policies of different domains. This paper presents a formal model for detecting inter- and intra-domain policy anomalies. Policy anomalies allow administrators to identify all the network behaviours they consider erroneous or to be monitored. To validate the generality of the proposed solution, the model has been applied to three policy domains (packet filtering, communication protection and service function chaining) and the impact of an anomaly detection analysis was tested in different sized networks.

查看原文本刊更多论文

网络政策分析的正式模型

网络拓扑的复杂性和网络服务的异构性使网络配置成为一项艰巨的任务，即使是熟练和有经验的管理员。为了降低网络配置的复杂性，管理员利用了网络策略，从而引入了新的错误可能性。事实上，错误和意外的网络行为(例如，安全缺陷)可能源于错误的网络策略定义，但也可能源于不同域的策略之间的异常。本文提出了一个用于检测域间和域内策略异常的形式化模型。策略异常允许管理员识别他们认为错误或需要监视的所有网络行为。为了验证所提出的解决方案的通用性，将该模型应用于三个策略领域(包过滤、通信保护和业务功能链)，并在不同规模的网络中测试了异常检测分析的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 IEEE 1st International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI)

自引率

0.00%

发文量