Research on a Supervision System for Stateful Firewall Security Configuration based on Markov Chain
Authors
Bo Cao, Haohua Meng, Shan Yang, Fei Gao
Corresponding Author
Bo Cao
Available Online May 2016.
- DOI
- 10.2991/iccita-16.2016.26How to use a DOI?
- Keywords
- Markov Chain; queuing theory; firewall rules; access control
- Abstract
This article takes security configuration supervision of firewall as the research object, and proposes a supervision scheme of stateful firewall security configuration based on Markov Chain. As stateful firewall is a new type, traditional security configuration algorithm do not apply to its rule set comparison. The stateful firewall based on Markov Chain transforms the rule set into equivalent stateful firewall decision diagrams, and is applied to the stateful firewall rule set comparison. Both theoretical analysis and simulation results have shown that this method can effectively detect all the exception rules between the rule sets.
- Copyright
- © 2016, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Bo Cao AU - Haohua Meng AU - Shan Yang AU - Fei Gao PY - 2016/05 DA - 2016/05 TI - Research on a Supervision System for Stateful Firewall Security Configuration based on Markov Chain BT - Proceedings of the 2016 International Conference on Computer and Information Technology Applications PB - Atlantis Press SP - 145 EP - 149 SN - 2352-538X UR - https://doi.org/10.2991/iccita-16.2016.26 DO - 10.2991/iccita-16.2016.26 ID - Cao2016/05 ER -