1 |
L. Lu, R. Safavi-Naini, J. Horton and W. Susilo, "Comparing and debugging firewall rule tables," International Journal of Information Security, vol.1, no.4, pp.143-151, 2007.
DOI
|
2 |
L. Yuan, H. Chen, J. Mai, C.-N. Chuah, Z. Su, and P. Mohapatra, "FIREMAN: A Toolkit for FIREwall Modeling and Analysis," IEEE Symposium on Security and Privacy, pp.199-213, 2006.
|
3 |
J. G. Alfaro, N. Cuppens-Boulahia, and F. Cuppens, "Complete analysis of configuration rules to guarantee reliable network security policies," International Journal of Information Security, vol.7, no.5, pp.103-122, 2008.
DOI
|
4 |
F. Cuppens, N. Cuppens-Boulahia, and J.G. Alfaro, "Detection and removal of firewall misconfiguration," in proc. of 2005 IASTED International Conf. on Communication, Network and Information Security, pp.154-162, 2005.
|
5 |
J.G. Alfaro, F. Cuppens, and N. Cuppens-Boulahia, "Aggregating and deploying network access control policies," in proc. of Third International Conf. on Availability, Reliability and Security, 2007
|
6 |
S. Pozo, R. Ceballos, and R. M. Gasca, "Fast algorithms for consistency-based diagnosis of firewall Rule Sets," in proc. of Second International Conf. on Availability, Reliability and Security, 2006.
|
7 |
S. Pozo, R. Ceballos, and R. M. Gasca, "CSP-based firewall rule set diagnosis using security policies," in proc. of Third International Conf. on Availability, Reliability and Security, 2007.
|
8 |
M. Abedin, S. Nessa, L. Khan, and B. Thuraisingham, "Detection and resolution of anomalies in firewall policy rules," in proc. of 20th Annual IFIP WG 11.3 Working Conf. on Data and Applications Security (DBSec), 2006.
|
9 |
M. Yoon, S. Chen, and Z. Zhang, "Reducing the size of rule set in a Firewall," in Proc. of IEEE International Conf. on Communications, 2007.
|
10 |
Sunghyun Kim and Heejo Lee, "Reducing payload inspection cost using rule classification for fast attack signature matching," IEICE Transactions on Information and Systems, Vol.E92-D, no.10, pp.1971-1978, 2009.
DOI
ScienceOn
|
11 |
Snort: Open source Network Intrusion Detection System, http://www.snort.org.
|
12 |
Ehab S. Al-Shaer and H. Hamed, "Modeling and management of firewall policies," IEEE eTransactions on Network and Service Management, vol.44, no.3, pp.134-141, Apr. 2004.
|
13 |
Strasberg,Gondek and Rollies, "The Complete Reference Firewalls," MacGrawHill, 2002.
|
14 |
Avishai Wool, "A quantitative study of firewall configuration errors," IEEE Computer, vol.37, no.6, pp.62-67, Jun. 2004.
|
15 |
Sunghyun Kim and Heejo Lee, "Abnormal policy detection and correction using overlapping transition," IEICE Transactions on Information and Systems, vol.E93-D, no.5, pp.1053-1061, 2010.
DOI
ScienceOn
|
16 |
E. S. Al-Shaer, H. Hamed, R. Boutaba, and M. Hasan, "Conflict classification and analysis of distributed firewall policies," IEEE Journal on Selected Areas in Communications, vol.23, no.10, pp.2069-2084, Oct. 2005.
DOI
|
17 |
E. S. Al-Shaer and H. Hamed, "Discovery of policy anomalies in distributed firewalls," in proc. of IEEE INFOCOM, pp. 2605-2616, Mar. 2004.
|
18 |
H. Hamed and E. Al-Shaer, "Taxonomy of conflicts in network security policies," IEEE Communications Magazine, vol.44, pp.134-141, 2006.
|
19 |
R. Bryant, "Graph-Based algorithms for Boolean function manipulation," IEEE Transactions on Computers, vol.35, no.8, pp.677-691, Aug. 1986.
|
20 |
M. G. Gouda and A. X. Liu, "Firewall design: consistency, completeness, and compactness," in proc. of 24th International Conf. on Distributed Computing Systems (ICDCS), 2004.
|
21 |
M. G. Gouda and A. X. Liu, "Structured firewall design," Computer Networks Journal, vol.51, no.4, pp.1106-1120, 2007.
DOI
ScienceOn
|
22 |
A. X. Liu, and M. G. Gouda, "Diverse firewall design," IEEE Transactions on Parallel and Distributed Systems, vol.19, no.6, pp.1237-1251, 2008.
DOI
|