Global ETD Search

31	Estudo sobre a extração de políticas de firewall e uma proposta de metodologia / A Study about firewall policy extraction and a proposal for a methodology Horowitz, Eduardo January 2007 (has links) Com o aumento das ameaças na Internet, firewalls tornaram-se mecanismos de defesa cada vez mais utilizados. No entanto, sua configuração é notadamente complexa, podendo resultar em erros. Vários estudos foram realizados com o intuito de resolver tais problemas, mas a grande maioria deles se concentrou em trabalhar diretamente no nível de configuração, o que possui limitações. O presente trabalho investiga maneiras de extrair políticas em mais alto nível a partir de regras de firewall em baixo nível, o que é mais intuitivo. A fim de extrair as políticas reais a partir de regras de firewall, o problema do descorrelacionamento é estudado e algoritmos anteriormente propostos para resolvê-lo são apresentados e discutidos. É apresentado, também, um tipo de grafo para a melhor visualização e análise de correlacionamento entre regras. Além disso, é pesquisado o agrupamento de regras descorrelacionadas, que tem o objetivo de elevar o nível das mesmas. São apresentados dois algoritmos para realizar o agrupamento, sendo um deles novo. A seguir, é proposta uma nova metodologia de extração de políticas de firewall. A primeira parte desta consiste na utilização de um novo tipo de descorrelacionamento, o descorrelacionamento hierárquico. Este é acompanhado por uma nova maneira de agrupar regras descorrelacionadas hierarquicamente, o agrupamento hierárquico. A segunda parte é uma nova modelagem de regras de firewall que fazem parte de blacklist ou whitelist, separando-as das demais regras na extração de políticas. Algumas maneiras de realizar esta separação também são discutidas. Por fim, são relatadas as conclusões e possibilidades de trabalhos futuros. / As the number of threats in the Internet grows, firewalls have become a very important defense mechanism. However, configuring a firewall is not an easy task and is prone to errors. Several investigations have been made towards solving these issue. However, most of them have focused on working directly at the configuration level and have a number of limitations. This work investigates methods to extract higher level policies from low level firewall rules. Aiming at extracting real policies from firewall rules, we analyse the firewall decorrelation problem and previously proposed algoritmhs to solve it. In addition, a new type of graph is presented aiming at better visualising and analysing rules’ correlation. We also investigate the merging of decorrelated rules, with the goal of defining more abstract rules. Two algorithms are then presented and a new methodology for the extraction of firewall policies is proposed. This methodology is twofold. The first part consists of the use a new type of decorrelation: the hierachical decorrelation, which is introduced along with a new way of hierarchically merging decorrelated rules. The second part is a new model for blacklist or whitelist firewall rules, separating them from the other rules in the policy extraction. We also present alternatives for accomplishing this separation. Finally, we conclpude and point out directions for future work. Seguranca : Computadores Criptografia Firewall Network security Firewalls Firewall policies Decorrelation Policy extraction
32	Estudo sobre a extração de políticas de firewall e uma proposta de metodologia / A Study about firewall policy extraction and a proposal for a methodology Horowitz, Eduardo January 2007 (has links) Com o aumento das ameaças na Internet, firewalls tornaram-se mecanismos de defesa cada vez mais utilizados. No entanto, sua configuração é notadamente complexa, podendo resultar em erros. Vários estudos foram realizados com o intuito de resolver tais problemas, mas a grande maioria deles se concentrou em trabalhar diretamente no nível de configuração, o que possui limitações. O presente trabalho investiga maneiras de extrair políticas em mais alto nível a partir de regras de firewall em baixo nível, o que é mais intuitivo. A fim de extrair as políticas reais a partir de regras de firewall, o problema do descorrelacionamento é estudado e algoritmos anteriormente propostos para resolvê-lo são apresentados e discutidos. É apresentado, também, um tipo de grafo para a melhor visualização e análise de correlacionamento entre regras. Além disso, é pesquisado o agrupamento de regras descorrelacionadas, que tem o objetivo de elevar o nível das mesmas. São apresentados dois algoritmos para realizar o agrupamento, sendo um deles novo. A seguir, é proposta uma nova metodologia de extração de políticas de firewall. A primeira parte desta consiste na utilização de um novo tipo de descorrelacionamento, o descorrelacionamento hierárquico. Este é acompanhado por uma nova maneira de agrupar regras descorrelacionadas hierarquicamente, o agrupamento hierárquico. A segunda parte é uma nova modelagem de regras de firewall que fazem parte de blacklist ou whitelist, separando-as das demais regras na extração de políticas. Algumas maneiras de realizar esta separação também são discutidas. Por fim, são relatadas as conclusões e possibilidades de trabalhos futuros. / As the number of threats in the Internet grows, firewalls have become a very important defense mechanism. However, configuring a firewall is not an easy task and is prone to errors. Several investigations have been made towards solving these issue. However, most of them have focused on working directly at the configuration level and have a number of limitations. This work investigates methods to extract higher level policies from low level firewall rules. Aiming at extracting real policies from firewall rules, we analyse the firewall decorrelation problem and previously proposed algoritmhs to solve it. In addition, a new type of graph is presented aiming at better visualising and analysing rules’ correlation. We also investigate the merging of decorrelated rules, with the goal of defining more abstract rules. Two algorithms are then presented and a new methodology for the extraction of firewall policies is proposed. This methodology is twofold. The first part consists of the use a new type of decorrelation: the hierachical decorrelation, which is introduced along with a new way of hierarchically merging decorrelated rules. The second part is a new model for blacklist or whitelist firewall rules, separating them from the other rules in the policy extraction. We also present alternatives for accomplishing this separation. Finally, we conclpude and point out directions for future work. Seguranca : Computadores Criptografia Firewall Network security Firewalls Firewall policies Decorrelation Policy extraction
33	Stavový firewall v FPGA / Stateful Firewall for FPGA Žižka, Martin January 2012 (has links) This thesis describes the requirements analysis, design and implementation of stateful packet filtering to an existing stateless firewall. They also deals with testing of the implemented system. The first two chapters describe the properties NetCOPE development platform for FPGA. They also describes the principle of operation firewall, which also serves as a requirements specification for stateful firewall. Then describes the detailed design of individual modules to modify the existing firewall and the proposal for the creation of new modules. It also discusses the implementation of the proposed modules and testing for proper operation. Finally, it discuss the current state of the thesis and describes possible future expansion.
34	Entfernte Analyse von Netzen Hoefler, Torsten 27 May 2004 (has links) Remote Analyse von Netzwerken hinter Firewalls und Firewallsystemen. info:eu-repo/classification/ddc/004 ddc:004 Firewall Scanning Firewall Security fingerprinting firewalking
35	Comparative Firewall Study Höfler, Torsten, Burkert, Christian, Telzer, Martin 01 October 2004 (has links) Comparative Analysis of Firewall Systems / Vergleichende Analyse von Firewall Systemen info:eu-repo/classification/ddc/004 ddc:004 Firewall firewall analyse firewalls leistungsanalyse performaceanalyse
36	Gestion dynamique et évolutive de règles de sécurité pour l'Internet des Objets / Dynamic and scalable management of security rules for the Internet of Things Mahamat charfadine, Salim 02 July 2019 (has links) Avec l'évolution exponentielle de l'Internet des Objets (IoT), assurer la sécurité des réseaux est devenue un grand défi pour les administrateurs réseaux. La sécurité des réseaux est basée sur de multiples équipements indépendants tels que Firewall, IDS/IPS, NAC dont le rôle principal est de contrôler les informations échangées entre le réseau de l'entreprise et l'extérieur. Or, l'administration de ces équipements peut s'avérer très complexe et fastidieuse si elle est réalisée manuellement, équipement après équipement. L'introduction du concept de Software Defined Networking (SDN) depuis ces dernières années, et du protocole OpenFlow, offre beaucoup d'opportunités pour l'amélioration de la sécurité des réseaux en proposant une administration centralisée et programmable.Dans le cadre de cette thèse, nous avons proposé une nouvelle approche de sécurisation des échanges dans un réseau en fonction des événements détectés et de manière automatisée. Cette solution basée sur l'approche SDN couplé avec un système de détection d'intrusion permet d’analyser, de détecter et de supprimer des menaces de sécurité dans un réseau et de manière automatisée. En implémentant cette solution, nous contribuons à faire évoluer la manière de sécuriser les échanges dans un réseau avec du SDN couplé avec un IDS à travers la mise en place d'une architecture réelle de cas d'usage. Ainsi, la gestion de la sécurité du réseau devient simplifiée, dynamique et évolutive. / With the exponential evolution of the Internet of Things (IoT), ensure the network security has become a big challenge for networkadministrators. Traditionally, the network security is based on multiple independent devices such as firewall, IDS/IPS, NAC where the main role is to monitor the information exchanged between the inside and the outside perimeters of the enterprises networks. However, the administration of these network devices can be complex and tedious with an independent manual configuration. Recently, with the introduction of the Software Defined Networking concept (SDN) and the OpenFlow protocol offers many opportunities by providing a centralized and programmable network administration.As part of this research work, we proposed a new approach to secure the network traffic flows exchanges based on a method of events detection, in an automated manner. This solution is based on the SDN approach coupled to an intrusion detection system which allows analyze, detect and remove security threats. With the implementation, we contribute to change the paradigm of secure the network traffic flows exchanges using the SDN principle, coupled with an IDS in a real use case architecture. In this way, the management of network security becomes simplified, dynamic and scalable. IoT Sdn Sécurité OpenFlow Firewall Ids/ips IoT Sdn Security OpenFlow Firewall Ids/ips 004.6
37	Analysis and Management of Security State for Large-Scale Data Center Networks January 2018 (has links) abstract: With the increasing complexity of computing systems and the rise in the number of risks and vulnerabilities, it is necessary to provide a scalable security situation awareness tool to assist the system administrator in protecting the critical assets, as well as managing the security state of the system. There are many methods to provide security states' analysis and management. For instance, by using a Firewall to manage the security state, and/or a graphical analysis tools such as attack graphs for analysis. Attack Graphs are powerful graphical security analysis tools as they provide a visual representation of all possible attack scenarios that an attacker may take to exploit system vulnerabilities. The attack graph's scalability, however, is a major concern for enumerating all possible attack scenarios as it is considered an NP-complete problem. There have been many research work trying to come up with a scalable solution for the attack graph. Nevertheless, non-practical attack graph based solutions have been used in practice for realtime security analysis. In this thesis, a new framework, namely 3S (Scalable Security Sates) analysis framework is proposed, which present a new approach of utilizing Software-Defined Networking (SDN)-based distributed firewall capabilities and the concept of stateful data plane to construct scalable attack graphs in near-realtime, which is a practical approach to use attack graph for realtime security decisions. The goal of the proposed work is to control reachability information between different datacenter segments to reduce the dependencies among vulnerabilities and restrict the attack graph analysis in a relative small scope. The proposed framework is based on SDN's programmable capabilities to adjust the distributed firewall policies dynamically according to security situations during the running time. It apply white-list-based security policies to limit the attacker's capability from moving or exploiting different segments by only allowing uni-directional vulnerability dependency links between segments. Specifically, several test cases will be presented with various attack scenarios and analyze how distributed firewall and stateful SDN data plan can significantly reduce the security states construction and analysis. The proposed approach proved to achieve a percentage of improvement over 61% in comparison with prior modules were SDN and distributed firewall are not in use. / Dissertation/Thesis / Masters Thesis Computer Engineering 2018 Computer science Attack Graphs Distributed Firewall Scalability SDN
38	Embedded network firewall on FPGA Ajami, Raouf 22 November 2010 The Internet has profoundly changed todays human being life. A variety of information and online services are offered by various companies and organizations via the Internet. Although these services have substantially improved the quality of life, at the same time they have brought new challenges and difficulties. The information security can be easily tampered by many threats from attackers for different purposes. A catastrophe event can happen when a computer or a computer network is exposed to the Internet without any security protection and an attacker can compromise the computer or the network resources for destructive intention.<p> The security issues can be mitigated by setting up a firewall between the inside network and the outside world. A firewall is a software or hardware network device used to enforce the security policy to the inbound and outbound network traffic, either installed on a single host or a network gateway. A packet filtering firewall controls the header field in each network data packet based on its configuration and permits or denies the data passing thorough the network.<p> The objective of this thesis is to design a highly customizable hardware packet filtering firewall to be embedded on a network gateway. This firewall has the ability to process the data packets based on: source and destination TCP/UDP port number, source and destination IP address range, source MAC address and combination of source IP address and destination port number. It is capable of accepting configuration changes in real time. An Altera FPGA platform has been used for implementing and evaluating the network firewall. fpga network security embedded systems packet filtering firewall
39	An Analysis and Comparison of The Security Features of Firewalls and IDSs Sulaman, Sardar Muhammad January 2011 (has links) In last few years we have observed a significant increase in the usage of computing devices and their capabilities to communicate with each other. With the increase in usage and communicating capabilities the higher level of network security is also required. Today the main devices used for the network security are the firewalls and IDS/IPS that provide perimeter defense. Both devices provide many overlapping security features but they have different aims, different protection potential and need to be used together. A firewall is an active device that implements ACLs and restricts unauthorized access to protected resources. An IDS only provides information for further necessary actions, not necessarily perimeter related, but some of these needed actions can be automated, such as automatic blocking in the firewall of attacking sites, which creates an IPS. This thesis report analyzed some common firewall and IDS products, and described their security features, functionalities, and limitations in detail. It also contains the comparison of the security features of the both devices. The firewall and IDS perform different functions for the network security, so they should be used in layered defense architecture. The passwords, firewalls, IDSs/IPSs and physical security all together provide a layered defense and complement each other. The firewall and IDS alone cannot offer sufficient network protection against the network attacks, and they should be used together to enhance the defense-in-depth or layered approach. Firewall Intrusion Detection Anomaly Access Control Packet Inspection Signatures IDS
40	Embedded network firewall on FPGA Ajami, Raouf 22 November 2010 (has links) The Internet has profoundly changed todays human being life. A variety of information and online services are offered by various companies and organizations via the Internet. Although these services have substantially improved the quality of life, at the same time they have brought new challenges and difficulties. The information security can be easily tampered by many threats from attackers for different purposes. A catastrophe event can happen when a computer or a computer network is exposed to the Internet without any security protection and an attacker can compromise the computer or the network resources for destructive intention.<p> The security issues can be mitigated by setting up a firewall between the inside network and the outside world. A firewall is a software or hardware network device used to enforce the security policy to the inbound and outbound network traffic, either installed on a single host or a network gateway. A packet filtering firewall controls the header field in each network data packet based on its configuration and permits or denies the data passing thorough the network.<p> The objective of this thesis is to design a highly customizable hardware packet filtering firewall to be embedded on a network gateway. This firewall has the ability to process the data packets based on: source and destination TCP/UDP port number, source and destination IP address range, source MAC address and combination of source IP address and destination port number. It is capable of accepting configuration changes in real time. An Altera FPGA platform has been used for implementing and evaluating the network firewall. fpga network security embedded systems packet filtering firewall

Search results