An Integrated Framework for Automated Firewall Testing and Validation

Author

En-Nouaary, Abdeslam ; Akiki, Mehdi

Author_Institution

Dept. d´´Inf., Inst. Nat. des Postes et Telecommun., Rabat, Morocco

fYear

2010

fDate

12-14 April 2010

Firstpage

768

Lastpage

773

Abstract

In today´s global world, more and more corporations are bound to have an internet presence. This has led to a significant increase in network attacks of all kinds. Firewalls are used to protect organization networks against these attacks. Firewall design is based on a set of filtering rules. Because of the nature of these rules, and due to the rising complexity of security policies, errors are introduced when configuring firewalls. Therefore, reliable and automated techniques for validating and testing firewall configurations become a necessity before any deployment. This paper presents a new approach for testing firewalls based on their configurations. Our method is fully automated-from the generation of the test set to the detection and correction of the error in the firewall file.

Keywords

Internet; authorisation; program testing; program verification; Firewall design; Internet presence; automated firewall testing; automated firewall validation; filtering rules; network attacks; organization networks; security policies; white box testing; Automatic testing; Electronic mail; Error correction; IP networks; Information filtering; Information filters; Internet; Phase detection; Protection; Telecommunication traffic; firewall configurations; firewalls; policy languages; white box testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology: New Generations (ITNG), 2010 Seventh International Conference on

Conference_Location

Las Vegas, NV

Print_ISBN

978-1-4244-6270-4

Type

conf

DOI

10.1109/ITNG.2010.256

Filename

5501686