Politecnico di Torino (logo)

Optimizations and Analysis in Firewall Anomaly Resolution

Ilaria Schio

Optimizations and Analysis in Firewall Anomaly Resolution.

Rel. Riccardo Sisto, Fulvio Valenza, Daniele Bringhenti. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2022

PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (4MB) | Preview

The purpose of this thesis is to find an optimized algorithm to detect and solve anomalies and conflicts inside network firewalls by interrogating the administrator with the minimum number of queries possible. Anomalies and conflicts between rules inside firewalls may arise due to the wrong rules’ priority order, or some rules may become obsolete and they should be removed, there could also be mistakes such as duplication of rules, etc. After studying all the relationship cases between the rules and how they could generate conflicts and which type of conflicts, it was defined a semantic to query the network administrator, such that it meets the desired requirements and then it was designed an algorithm. In the theoretical algorithm it is used a SAT solver in which you force the constraint in order to reach the minimum number of queries. In the code implementation it is used the Java language, with the assume that in some cases it may not be optimal, but it requires one more cycle than the minimum number. Therefore, the algorithm is able to first determine clusters of rules inside a firewall that interact with each other, detect the potential conflicts within them and solve the conflicts in an efficient way.

Relators: Riccardo Sisto, Fulvio Valenza, Daniele Bringhenti
Academic year: 2022/23
Publication type: Electronic
Number of Pages: 154
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: UNSPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/24648
Modify record (reserved for operators) Modify record (reserved for operators)