A Formal Model of Network Policy Analysis / Valenza, Fulvio; Spinoso, Serena; Basile, Cataldo; Sisto, Riccardo; Lioy, Antonio. - PRINT. - (2015), pp. 516-522. (Paper presented at the conference RTSI 2015 - First International Forum on Research and Technologies for Society and Industry, held in Torino, Italy, 16-18 September 2015) [10.1109/RTSI.2015.7325150].

A Formal Model of Network Policy Analysis

Valenza, Fulvio; Spinoso, Serena; Basile, Cataldo; Sisto, Riccardo; Lioy, Antonio
2015

Abstract

The complexity of network topology, together with the heterogeneity of network services, makes network configuration a hard task, even for skilled and experienced administrators. To reduce this complexity, administrators have leveraged network policies, which introduces new possibilities for error. Indeed, erroneous and unexpected network behaviour (e.g., security flaws) can derive from a wrong network policy definition, but also from possible anomalies among policies of different domains. This paper presents a formal model for detecting inter- and intra-domain policy anomalies. Policy anomalies allow administrators to identify all the network behaviours they consider erroneous or to be monitored. To validate the generality of the proposed solution, the model has been applied to three policy domains (packet filtering, communication protection and service function chaining) and the impact of an anomaly detection analysis was tested in networks of different sizes.
978-1-4673-8166-6
Use this identifier to cite or link to this document: https://hdl.handle.net/11583/2621143