Title :
Firewall log analysis and dynamic rule re-ordering in firewall policy anomaly management framework
Author :
Lubna, K. ; Cyiac, Robin ; Kavitha Karun, A.
Author_Institution :
Dept. of Comput. Sci. & Eng., Rajagiri Sch. of Eng. & Technol., Kochi, India
Abstract :
Today, there are many more ways to communicate than there were just a few years ago, and among them the Internet plays a major role. Firewalls are essential for secure network communication, ensuring that only trusted packets are transferred between the private and public network. In a firewall, the security policy is implemented through rules defined by the network administrator, which decide which packets are allowed into an organization's private network. Manual definition of rules often results in anomalies in the policy. Therefore, an effective anomaly detection and resolution approach is needed. After resolving these conflicts, the rules can be re-ordered dynamically, which improves the efficiency of the anomaly management framework. With firewall log analysis, frequently used rules can be set as primitive rules, to which more security can be added.
Keywords :
Internet; data mining; firewalls; trusted computing; Internet; anomaly detection; association rule mining; dynamic rule re-ordering; firewall log analysis; firewall policy anomaly management framework; network administrator; organization private network; public network; resolution approach; secure network communication; security policy; trusted packets; Association rules; Filtering; IP networks; Internet; Ports (Computers); association rule mining; firewall logs; policy anomaly; rule re-ordering;
Conference_Title :
Green Computing, Communication and Conservation of Energy (ICGCE), 2013 International Conference on
Conference_Location :
Chennai
DOI :
10.1109/ICGCE.2013.6823553