Applying static code analysis to firewall policies for the purpose of anomaly detection

Details Applying static code analysis to firewall policies for the purpose of anomaly detection Applying static code analysis to firewall policies for the purpose of anomaly detection

2011-02-07

arxiv.org/abs/1102.1237v1

Computer Science

Programming Languages

Scientific paper

Treating modern firewall policy languages as imperative, special purpose programming languages, in this article we will try to apply static code analysis techniques for the purpose of anomaly detection. We will first abstract a policy in common firewall policy language into an intermediate language, and then we will try to apply anomaly detection algorithms to it. The contributions made by this work are: 1. An analysis of various control flow instructions in popular firewall policy languages 2. Introduction of an intermediate firewall policy language, with emphasis on control flow constructs. 3. Application of \textit{Static Code Analysis} to detect anomalies in firewall policy, expressed in intermediate firewall policy language. 4. Sample implementation of \textit{Static Code Analysis} of firewall policies, expressed in our abstract language using Datalog language.

Affiliated with

Also associated with

No associations

Rating

Applying static code analysis to firewall policies for the purpose of anomaly detection does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Applying static code analysis to firewall policies for the purpose of anomaly detection, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Applying static code analysis to firewall policies for the purpose of anomaly detection will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-680888