1,721,058 research outputs found
Automatic Firewalls’ Configuration Using Argumentation Reasoning
No full textFirewalls are widely used as the first frontier to protect the network from intrusions, vulnerability exploitations, and cyber-attacks. Usually, the configuration of this critical component of network security is done manually by network administrators that introduce human errors. In this paper, we present an automatic tool that is based on a formal framework, called ArgoFiCo. Our tool automatically configures the distributed firewalls of the network by generating conflict-free firewalls’ configuration. ArgoFiCo is based on abduction and argumentation reasoning and it permits the identification and resolution of anomalies in firewalls. Our tool provides an answer to the human error problem as it automatically populates the firewalls of a network, given the network topology and the high-level requirements of the network behaviour
An optimized firewall anomaly resolution
Full text linkFirewalls are the key mechanism in cybersecurity, that has been widely used to ensure network security. In literature, several works have been proposed in the area of firewall rules managing, however, the correct firewall configuration still remains a complex and error-prone task. Anomalies among firewall rules can cause severe network breaches, such as allowing harmful packets to slip into a subnetwork or dropping legitimate traffic which in turn could hinder the correct availability of web services. This paper aims to help the network security administrators by introducing a formal approach that reduces the number of anomalies in firewalls’ configurations that the administrators are usually obligated to manually solve
Formally specifying and checking policies and anomalies in service function chaining
Full text linkOne of the proposed management strategies for SDN networks is to specify traffic forwarding through policies, where each policy rule identifies a traffic flow and its traversed service chains. While network operators need to check network configurations as soon as possible, the SDN verification literature focuses on checking policy correctness during or after their deployment. This paper, instead, proposes early verification of forwarding policies before their deployment, by looking for the presence of anomalies that can potentially lead to erroneous and unexpected network behaviour. The proposed verification relies on a formal model that enables high flexibility in specifying both a forwarding policy and the set of anomalies to verify. The presented approach is efficient and highly scalable, as confirmed by tests with large networks
Guest editorial: Special issue on novel cyber-security paradigms for software-defined and virtualized systems
No full text
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Correlazione fra reperti anatomo-istopatologici ed isolamento virale nella Maedi degli ovini
No full text
- …
