| | |
Summary: Analysis of Firewall Policy Rules
Using Data Mining Techniques
Korosh Golnabi, Richard K. Min, Latifur Khan
Department of Computer Science
The University of Texas at Dallas
Richardson, USA
(koroshg, m010300, lkhan)@utdallas.edu
Ehab Al-Shaer
Multimedia Networking Research Laboratory
DePaul University
Chicago, USA
ehab@cs.depaul.edu
Abstract-- Firewall is the de facto core technology of today's
network security and defense. However, the management of
firewall rules has been proven to be complex, error-prone, costly
and inefficient for many large-networked organizations. These
firewall rules are mostly custom-designed and hand-written thus
in constant need for tuning and validation, due to the dynamic
nature of the traffic characteristics, ever-changing network
environment and its market demands. One of the main problems
|
