Measuring firewall security | IEEE Conference Publication | IEEE Xplore

Measuring firewall security

Publisher: IEEE

Abstract:

In the recent years, more attention is given to firewalls as they are considered the corner stone in Cyber defense perimeters. The ability to measure the quality of prote...View more

Abstract:

In the recent years, more attention is given to firewalls as they are considered the corner stone in Cyber defense perimeters. The ability to measure the quality of protection of a firewall policy is a key step to assess the defense level for any network. To accomplish this task, it is important to define objective metrics that are formally provable and practically useful. In this work, we propose a set of metrics that can objectively evaluate and compare the hardness and similarities of access policies of single firewalls based on rules tightness, the distribution of the allowed traffic, and security requirements. In order to analyze firewall polices based on the policy semantic, we used a canonical representation of firewall rules using Binary Decision Diagrams (BDDs) regardless of the rules format and representation. The contribution of this work comes in measuring and comparing firewall security deterministically in term of security compliance and weakness in order to optimize security policy and engineering.
Date of Conference: 31 October 2011 - 01 November 2011
Date Added to IEEE Xplore: 26 December 2011
ISBN Information:
Publisher: IEEE
Conference Location: Arlington, VA, USA

References

References is not available for this document.