@inproceedings{b6d0552d903441619b7aa2880063feaf,
title = "FAME: A firewall anomaly management environment",
abstract = "Firewalls are a widely deployed security mechanism to ensure the security of private networks in most businesses and institutions. The effectiveness of security protection provided by a firewall mainly depends on the quality of policy configured in the firewall. However, designing and managing firewall policies are often error-prone due to the complex nature of firewall configurations as well as the lack of systematic analysis mechanisms and tools. This paper represents an innovative anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. In particular, we articulate a grid-based representation technique for providing an intuitive cognitive sense about policy anomaly and facilitating efficient policy anomaly management. In addition, we demonstrate the feasibility and applicability of our framework through a proof-of-concept prototype of a visualization-based firewall policy analysis tool called Firewall Anomaly Management Environment (FAME).",
keywords = "anomaly management, firewall policies, visualization tool",
author = "Hongxin Hu and Gail-Joon Ahn and Ketan Kulkarni",
note = "Copyright: Copyright 2011 Elsevier B.V., All rights reserved.; 3rd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '10, Co-located with CCS'10 ; Conference date: 04-10-2010 Through 08-10-2010",
year = "2010",
doi = "10.1145/1866898.1866902",
language = "English (US)",
isbn = "9781450300933",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
pages = "17--26",
booktitle = "Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '10, Co-located with CCS'10",
}