Detecting Policy Anomalies in Firewalls by Relational Algebra and Raining 2D-Box Model
Naveen Mukkapati1, Ch.V. Bhargavi2

1Dr.M.Karnan, Department of Computer Science and Engineering, Tamilnadu College of Engineering, Coimbatore, Tamilnadu, India.
2N.Krishnaraj, Research Scholar, Manonmaniam Sundaranar University, Tirunelveli, Tamilnadu, India.

Manuscript received on July 01, 2012. | Revised Manuscript received on July 04, 2012. | Manuscript published on July 05, 2012. | PP: 343-348 | Volume-2, Issue-3, July 2012. | Retrieval Number: C0764062312 /2012©BEIESP
© The Authors. Published By: Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Firewalls are crucial elements of computer networks. Because tools for analyzing firewall policies are lacking, most firewalls on the Internet have been plagued with policy anomalies. In this paper, we propose a method that analyzes a firewall using Relational Algebra and the Raining 2D-Box Model. It can find all the anomalies in a firewall rule-set written in the format commonly used by many firewall products, such as Cisco Access Control List, IPTABLES, IPCHAINS and Check Point Firewall-1. While existing analysis methods consider anomalies between any two rules in the firewall rule-set, we consider more than two rules together at the same time. We can therefore find all the hidden anomalies in the firewall rule-set. The results of the analysis can be used with the rules-combination method proposed in this paper to minimize the firewall rules without changing the policy. This method could help administrators analyze and modify a complex firewall policy.

Keywords: Firewall, policy, relational algebra, correlation anomaly, raining 2D-Box Model
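
The abstract's point that some anomalies only appear when more than two rules are considered together, shown as an added example (not the paper's code, and not its Relational Algebra or Raining 2D-Box algorithm). It is a simplified two-field coverage check over a constructed rule-set, with inclusive integer ranges standing in for source and destination addresses; all names are hypothetical.

```python
from itertools import product

# Constructed rule-set, first match wins:
# (name, (src_lo, src_hi), (dst_lo, dst_hi), action); ranges are inclusive.
RULES = [
    ("r1", (0, 127),   (0, 255), "deny"),
    ("r2", (128, 255), (0, 255), "deny"),
    ("r3", (0, 255),   (0, 255), "accept"),  # inside r1 ∪ r2, inside neither alone
    ("r4", (256, 300), (0, 50),  "accept"),
]

def covers(a, b):
    """True if 2D box a fully contains 2D box b (the pairwise test)."""
    return all(a[i][0] <= b[i][0] and b[i][1] <= a[i][1] for i in range(2))

def pairwise_shadowed(rules):
    """Rules fully covered by one single earlier rule."""
    return [r[0] for k, r in enumerate(rules)
            if any(covers(p[1:3], r[1:3]) for p in rules[:k])]

def uncovered_cells(box, earlier):
    """Cut box along the edges of earlier boxes; return cells no earlier box covers.

    Each resulting cell lies entirely inside or entirely outside every earlier
    box, so testing cells one by one decides coverage by the union exactly.
    """
    cuts = []
    for d in range(2):
        lo, hi = box[d]
        pts = {lo, hi + 1}
        for e in earlier:
            for p in (e[d][0], e[d][1] + 1):
                if lo < p <= hi:
                    pts.add(p)
        pts = sorted(pts)
        cuts.append([(pts[i], pts[i + 1] - 1) for i in range(len(pts) - 1)])
    return [cell for cell in product(*cuts)
            if not any(covers(e, cell) for e in earlier)]

def multi_rule_shadowed(rules):
    """Rules that can never match: earlier rules together cover the whole box."""
    return [r[0] for k, r in enumerate(rules)
            if not uncovered_cells(r[1:3], [p[1:3] for p in rules[:k]])]

if __name__ == "__main__":
    print("pairwise check:  ", pairwise_shadowed(RULES))
    print("multi-rule check:", multi_rule_shadowed(RULES))
```

Here the pairwise check reports nothing, while the multi-rule check reports `r3`, whose `accept` action is never reached because `r1` and `r2` jointly deny its whole range.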