{"title":"A firewall module resolving rules consistency","authors":"A. Papagrigoriou, P. Petrakis, M. Grammatikakis","doi":"10.1109/WISES.2017.7986931","DOIUrl":null,"url":null,"abstract":"Network firewall rules are usually written by administrators or automated intrusion detection systems and often contain inconsistencies. Therefore, it is fundamental to ensure that only an absolutely correct configuration is active. In this paper, we design an open source conflict resolution framework (C application and Linux firewall kernel module on top of netfilter) that can be used as a constant independent system auditor, automatically detecting and resolving conflicts in firewall rules. Preliminary analysis from our implementation on ARM-based embedded systems examines efficiency and scalability of our framework.","PeriodicalId":126592,"journal":{"name":"2017 13th Workshop on Intelligent Solutions in Embedded Systems (WISES)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"A firewall module resolving rules consistency\",\"authors\":\"A. Papagrigoriou, P. Petrakis, M. Grammatikakis\",\"doi\":\"10.1109/WISES.2017.7986931\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network firewall rules are usually written by administrators or automated intrusion detection systems and often contain inconsistencies. Therefore, it is fundamental to ensure that only an absolutely correct configuration is active. In this paper, we design an open source conflict resolution framework (C application and Linux firewall kernel module on top of netfilter) that can be used as a constant independent system auditor, automatically detecting and resolving conflicts in firewall rules. Preliminary analysis from our implementation on ARM-based embedded systems examines efficiency and scalability of our framework.\",\"PeriodicalId\":126592,\"journal\":{\"name\":\"2017 13th Workshop on Intelligent Solutions in Embedded Systems (WISES)\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 13th Workshop on Intelligent Solutions in Embedded Systems (WISES)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WISES.2017.7986931\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 13th Workshop on Intelligent Solutions in Embedded Systems (WISES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WISES.2017.7986931","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Network firewall rules are usually written by administrators or automated intrusion detection systems and often contain inconsistencies. Therefore, it is fundamental to ensure that only an absolutely correct configuration is active. In this paper, we design an open source conflict resolution framework (C application and Linux firewall kernel module on top of netfilter) that can be used as a constant independent system auditor, automatically detecting and resolving conflicts in firewall rules. Preliminary analysis from our implementation on ARM-based embedded systems examines efficiency and scalability of our framework.