acm-header
Sign In

Communications of the ACM

ACM TechNews

Improving Network Firewalls


View as: Print Mobile App Share:
brick wall

Credit: iStockPhoto.com

Analyzing firewall log files could provide a better assessment of a corporate network's firewall protection. Muhammad Abedin of the University of Texas at Dallas and colleagues believe the constantly changing log files of corporate firewalls can provide more helpful data on computer network traffic.

Researchers have previously developed methods for analyzing firewall rule sets, but the static approaches did not take advantage of log file activity. "By comparing the extracted rules with the original rules, we can easily find if there is any anomaly in the original rules, and if there is any defect in the implementation," the researchers say. "Our experiments show that the effective firewall rules can be regenerated to a high degree of accuracy from just a small amount of data."

The traffic mining approach also can detect anomalies that lead to omissions in the logs themselves.

From EurekAlert
View Full Article

 

Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account