Archivio Istituzionale della RicercaThe complexity of network topology together with heterogeneity of network services make the network configuration a hard task, even for skilled and experienced administrators. In order to reduce the complexity of the network configuration, administrators have leveraged network policies, introducing hence new possibility of error. Indeed, erroneous and unexpected network behaviour (e.g., security flaws) can derive from the wrong network policy definition, but also from the possible anomalies among policies of different domains. This paper presents a formal model for detecting inter- and intra-domain policy anomalies. Policy anomalies allow administrators to identify all the network behaviours they consider erroneous or to be monitored. To validate the generality of the proposed solution, the model has been applied to three policy domains (packet filtering, communication protection and service function chaining) and the impact of an anomaly detection analysis was tested in different sized networks.
A Formal Model of Network Policy Analysis / Valenza, Fulvio; Spinoso, Serena; Basile, Cataldo; Sisto, Riccardo; Lioy, Antonio. - STAMPA. - (2015), pp. 516-522. (Intervento presentato al convegno RTSI 2015 - First International Forum on Research and Technologies for Society and Industry tenutosi a Torino, Italy nel 16-18 September 2015) [10.1109/RTSI.2015.7325150].
A Formal Model of Network Policy Analysis
VALENZA, FULVIO;SPINOSO, SERENA;BASILE, CATALDO;SISTO, Riccardo;LIOY, ANTONIO
2015
Abstract
The complexity of network topology together with heterogeneity of network services make the network configuration a hard task, even for skilled and experienced administrators. In order to reduce the complexity of the network configuration, administrators have leveraged network policies, introducing hence new possibility of error. Indeed, erroneous and unexpected network behaviour (e.g., security flaws) can derive from the wrong network policy definition, but also from the possible anomalies among policies of different domains. This paper presents a formal model for detecting inter- and intra-domain policy anomalies. Policy anomalies allow administrators to identify all the network behaviours they consider erroneous or to be monitored. To validate the generality of the proposed solution, the model has been applied to three policy domains (packet filtering, communication protection and service function chaining) and the impact of an anomaly detection analysis was tested in different sized networks.
| File | Dimensione | Formato | |
|---|---|---|---|
|
2015RTSI.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
689.13 kB
Formato
Adobe PDF
|
689.13 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
|
2015RTSI_author.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
168.15 kB
Formato
Adobe PDF
|
168.15 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2621143