{"title":"Anomaly Detection: Firewalls Capabilities and Limitations","authors":"Sultan Alsehibani, Sultan Almuhammadi","doi":"10.1109/ICCSE1.2018.8374204","journal":{"name":"2018 International Conference on Computing Sciences and Engineering (ICCSE)"},"publicationDate":"2018-03-11","publicationTypes":"Journal Article","isOpenAccess":false,"citationCount":"3","platform":"Semanticscholar","ListUrlMain":"https://doi.org/10.1109/ICCSE1.2018.8374204"}
Anomaly Detection: Firewalls Capabilities and Limitations
Firewalls are the most deployed basic security devices used to protect private networks from unauthorized access and intrusions. A firewall's security protection depends mainly on the quality of its configured policies. However, as firewall policies grow in size, the interactions between policies of the same firewall or of different firewalls become complex, which makes it difficult to design and manage firewall policies in large-scale systems. This paper identifies and compares recent firewall anomaly management frameworks, tools, and algorithms. It compares the anomaly management approaches in terms of visual representation, need for manual interference, existence of implementation, features, and limitations. It also classifies these approaches as single or distributed architectures, and the modes of these approaches as real-time or offline. Useful recommendations are provided as a result of this study.