Showing 1–1 of 1 results for author: Karoui, K

Distributed firewalls and IDS interoperability checking based on a formal approach

Authors: Kamel Karoui, Fakher Ben Ftima, Henda Ben Ghezala

Abstract: To supervise and guarantee a network security, the administrator uses different security components, such as firewalls, IDS and IPS. For a perfect interoperability between these components, they must be configured properly to avoid misconfiguration between them. Nevertheless, the existence of a set of anomalies between filtering rules and alerting rules, particularly in distributed multi-component… ▽ More To supervise and guarantee a network security, the administrator uses different security components, such as firewalls, IDS and IPS. For a perfect interoperability between these components, they must be configured properly to avoid misconfiguration between them. Nevertheless, the existence of a set of anomalies between filtering rules and alerting rules, particularly in distributed multi-component architectures is very likely to degrade the network security. The main objective of this paper is to check if a set of security components are interoperable. A case study using a firewall and an IDS as examples will illustrate the usefulness of our approach. △ Less

Submitted 10 October, 2013; originally announced October 2013.

Comments: Security component, relevancy, misconfigurations detection, interoperability cheking, formal correction,formal verification, projection, IDS, Firewall

ACM Class: C.2; C.2.0; C.2.1; C.2.3; D.2.12

Journal ref: International Journal of Computer Networks & Communications, September 2013, Volume 5. Number 5, pp 95-115