A novel mechanism for anomaly removal of firewall filtering rules

Chi Shih Chao, Stephen J.H. Yang

研究成果: 雜誌貢獻期刊論文同行評審

5 引文 斯高帕斯(Scopus)


Firewalls are always treated as the core devices for network security to protect networks from being attacked. Still, properly configuring firewall rules is no easy task due to its laboring and time-consuming characteristic. In some cases, firewall rules need to be added, deleted, modified, or order-changed from time to time to fit in the dynamic of network traffic. As a result, firewalls are subject to rule anomalies caused by misconfigurations such that network security holes can be created accordingly, and then damage the managed networks and even worse the firewalls themselves. In this paper, an enhanced firewall rule management approach is proposed where it can not only pinpoint the anomalies among firewall rules effectively and efficiently, but also provide a novel mechanism for correct and speedy removal of rule anomalies. As a demonstration, a visualized firewall rule anomaly removal system has been realized and performance evaluations on anomaly removal have been also conducted, in which our developed mechanism shows its excellence and feasibility.

頁(從 - 到)949-957
期刊Journal of Internet Technology
出版狀態已出版 - 2020


深入研究「A novel mechanism for anomaly removal of firewall filtering rules」主題。共同形成了獨特的指紋。