
Verified iptables Firewall Analysis and Verification

Cornelius Diekmann, Lars Hupel, Julius Michaelis, Maximilian Haslbeck, Georg Carle
2018 Journal of automated reasoning  
An evaluation of our work on a large set of real-world firewall rulesets shows that our framework provides interesting results in many situations, and can both help and out-compete other static analysis  ...  Based on that, we implement the verified generation of IP space partitions and minimal service matrices.  ...  Manuel Eberl, Lukas Schwaighofer, and Fabian Immler commented on early drafts of this paper. This work was greatly inspired by Tobias Nipkow's and Gerwin Klein's book on semantics in Isabelle [62].  ... 
doi:10.1007/s10817-017-9445-1 pmid:30069072 pmcid:PMC6044321 fatcat:jgqymzilcbdfpk5xwov7igpilq

Visual analysis of complex firewall configurations

Florian Mansmann, Timo Göbel, William Cheswick
2012 Proceedings of the Ninth International Symposium on Visualization for Cyber Security - VizSec '12  
To verify our design, we present two case studies on the analysis of rule usage and on nested object groups and collected feedback from five firewall administrators.  ...  In this paper we present a visualization tool to support the network administrator in this complex task of understanding firewall rule sets and object group definitions.  ...  Besides adapting this technique to group firewall rules based on their common properties, the strength of our tool is the linkage of the textual firewall rules with their visual counterpart as well as  ... 
doi:10.1145/2379690.2379691 dblp:conf/vizsec/MansmannGC12 fatcat:nxi4yroma5g5lkwym7q7vq733m

Provably Secure Networks: Methodology and Toolset for Configuration Management [article]

Cornelius Diekmann
2017 arXiv   pre-print
Our first tool guides the process of designing networks from scratch. Our second tool facilitates the analysis of existing iptables configurations. Combined, the two form a powerful toolset.  ...  Using the Isabelle interactive proof assistant, we develop two automated, formally verified tools which help uncovering and preventing bugs in network-level access control configurations.  ...  We thank all the (anonymous) administrators who donated their firewall configs to our research. I would like express my gratitude to Prof. Dr.-Ing.  ... 
arXiv:1708.08228v1 fatcat:ljgwja2k6jgunl5g45jnptqx5m

Practical Attack Graph Generation for Network Defense

Kyle Ingols, Richard Lippmann, Keith Piwowarski
2006 Proceedings of the Computer Security Applications Conference  
Attack graphs are a valuable tool to network defenders, illustrating paths an attacker can use to gain access to a targeted network.  ...  Defenders can then focus their efforts on patching the vulnerabilities and configuration errors that allow the attackers the greatest amount of access.  ...  Stetson for reviewing much of the NetSPA prototype's design, Chris Scott, Kendra Kratkiewicz, Rob Cunningham and Mike Artz for their contributions to previous versions of NetSPA, Carrie Gates for feedback on  ... 
doi:10.1109/acsac.2006.39 dblp:conf/acsac/IngolsLP06 fatcat:3uvys2gxfrd23mwgxlm2vlketi

Intrusion Detection System for Home Windows based Computers

2019 KSII Transactions on Internet and Information Systems  
The research presented in the beginning demonstrates that neither a solution for gathering data on attacks against Windows based PCs is available at present nor other security tools and supplementary programs  ...  It is based on a client-server architecture while taking much inspiration from previous attempts for designing systems with similar purpose, as well as from IDS systems like Snort.  ...  Unlike personal and server firewalls running on a machine to be protected, network firewalls are intended to protect the whole private network or its segment, from potentially malicious communication (  ... 
doi:10.3837/tiis.2019.09.021 fatcat:vmfap7yh65gwvmxeyy7tq2h2ki

Next generation firewalls for dynamic coalitions

Saritha Arunkumar, Stephen Pipes, Christian Makaya, Elisa Bertino, Erisa Karafili, Emile Lupu, Chris Williams
2017 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI)  
Firewalls represent a critical security building block for networks as they monitor and control incoming and outgoing network traffic based on the enforcement of predetermined security rules, referred  ...  to as firewall rules.  ...  For example, upon huge volume of alerts and notifications, a network administrator should manually sort out the issues using visualization or reporting tools to identify the alerts that pose legitimate  ... 
doi:10.1109/uic-atc.2017.8397413 dblp:conf/uic/ArunkumarPMBKLW17 fatcat:rd2zoheaprfzxoaetuo2lqpw2m

Intrusion Monitoring in Process Control Systems

Alfonso Valdes, Steven Cheung
2009 2009 42nd Hawaii International Conference on System Sciences  
To facilitate human analysts to gain a better understanding of anomalous network traffic patterns, we present a visualization tool that supports multiple user-customizable views and animation for analyzing  ...  To protect process control networks from cyber intrusions, preventive security measures such as perimeter defenses (for example, network firewalls and demilitarized zones) and secure versions of process  ...  Acknowledgment and Disclaimer This material is based upon work supported by the Department of Energy under Award Number DE-FC26-07NT43314.  ... 
doi:10.1109/hicss.2009.273 dblp:conf/hicss/ValdesC09 fatcat:p2cvzzjhv5hp7hmgwxu6droe4e

Cybersecurity Education and Training Support System: CyRIS

Razvan BEURAN, Cuong PHAM, Dat TANG, Ken-ichi CHINEN, Yasuo TAN, Yoichi SHINODA
2018 IEICE transactions on information and systems  
Based on this description, CyRIS automatically creates the corresponding cyber range instances on a computer and network infrastructure, for simultaneous use by multiple trainees.  ...  CyRIS uses a text-based representation in YAML format to describe the characteristics of the training environment, including both environment setup and security content generation.  ...  For Ruleset Review, firewall configuration functionality can be used to modify firewall settings, or other tools could be installed and executed as above to modify the rulesets for other components (router  ... 
doi:10.1587/transinf.2017edp7207 fatcat:zbs4fws5mjhu3kpiugrm7skgcm

RVH: Range-Vector Hash for Fast Online Packet Classification [article]

Tong Shen, Gaogang Xie, Xin Wang, Zhenyu Li, Xinyi Zhang, Penghao Zhang, Dafang Zhang
2019 arXiv   pre-print
Their success depends on the availability of the new generation of classifiers that can support both fast ruleset updating and high-speed packet classification.  ...  Packet classification according to multi-field ruleset is a key component for many network applications.  ...  To find the best construction of range-vectors that meets the above principles, we may apply mathematical tools such as those based on linear programming.  ... 
arXiv:1909.07159v1 fatcat:7b4xs7p2pjcizovt6cvjpxvzwi

Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR

Matthew Chu, Kyle Ingols, Richard Lippmann, Seth Webster, Stephen Boyer
2010 Proceedings of the Seventh International Symposium on Visualization for Cyber Security - VizSec '10  
Using NAVIGATOR, users can visualize the effect of server-side, client-side, credential-based, and trust-based attacks.  ...  A new tool named NAVIGATOR (Network Asset VIsualization: Graphs, ATtacks, Operational Recommendations) adds significant capabilities to earlier work in attack graph visualization.  ...  Tools to visualize firewall rulesets are more in line with our efforts.  ... 
doi:10.1145/1850795.1850798 dblp:conf/vizsec/ChuILWB10 fatcat:jr6hvzbqcnaipameo4e6oxkhdi

A Security Analysis of Cyber-Physical Systems Architecture for Healthcare

Darren Seifert, Hassan Reza
2016 Computers  
Acknowledgments: This material is based upon work supported by the National Science Foundation/EPSCoR Award No. IIA-1355466 and the State of North Dakota.  ...  Its fact-based ruleset allows the system to change calculation priorities and knowledge source activations based on the currently available information set.  ...  Data nodes, or nodes that are able to access information within one of the facilities existing data systems, will also be segmented from the device network by a firewall.  ... 
doi:10.3390/computers5040027 fatcat:pkqfy7suere77crizmiqrvif7u

Network Traffic Features for Anomaly Detection in Specific Industrial Control System Network

Matti Mantere, Mirko Sailio, Sami Noponen
2013 Future Internet  
One of such approaches is machine learning based anomaly detection.  ...  The network under investigation is represented by architectural drawing and results derived from network trace analysis.  ...  This paper is based on research work done in projects called DIAMONDS [25], funded by TEKES and INCYSE, funded by VTT.  ... 
doi:10.3390/fi5040460 fatcat:a2zn67gl7nbifdmho2tqkrducu

Using Security Logs for Collecting and Reporting Technical Security Metrics

Risto Vaarandi, Mauno Pihelgas
2014 2014 IEEE Military Communications Conference  
We will also describe a production framework for collecting and reporting technical security metrics which is based on novel open-source technologies for big data.  ...  Furthermore, recent security metrics research has focused on generic concepts, and the issue of collecting security metrics with log analysis methods has not been well studied.  ...  The paper considers security log collection and analysis as one of the critical controls, and also emphasizes the importance of IDS and Netflow based network monitoring.  ... 
doi:10.1109/milcom.2014.53 fatcat:kghiurnck5bijehztx6tfrscje

Packet analysis for network forensics: A comprehensive survey

Leslie F. Sikos
2020 Forensic Science International: Digital Investigation  
This paper is a comprehensive survey of the utilization of packet analysis, including deep packet inspection, in network forensics, and provides a review of AI-powered packet analysis methods with advanced  ...  Packet analysis is a primary traceback technique in network forensics, which, providing that the packet details captured are sufficiently detailed, can play back even the entire network traffic for a particular  ...  Similar to Snort, Suricata is popular enough to have support for many third-party tools that can complement it for visualization and analysis, including Snorby, BASE, Sguil, u2platform (formerly  ... 
doi:10.1016/j.fsidi.2019.200892 fatcat:pevkaeof5fh2lld6kmwqgw3gzu

Experimental Evaluation of a Hybrid Intrusion Detection System for Cloud Computing

Abdallah Ghourabi, Jouf University, Saudi Arabia
2019 International Journal of Advanced Trends in Computer Science and Engineering  
The detection model relies on two techniques: signature-based detection and anomaly-based detection.  ...  In this paper, we propose an approach to protect the cloud by providing a hybrid solution based on the distribution of intrusion detectors and the centralization of alerts for management purposes.  ...  The proof of concept prototype is based on both a signature analysis and anomaly analysis.  ... 
doi:10.30534/ijatcse/2019/65862019 fatcat:uesxo4foa5dvrmbf7bv6fjo45a