What Do Firewalls Protect?An Empirical Study of Firewalls, Vulnerabilities, and Attacks
作者: Keith Marzullo , Sean Peisert , Matt Bishop
DOI:
关键词:
摘要: Firewalls are a cornerstone of how sites implement defense in depth. Many security policies assume that outside attackers must first penetrate firewall configured to block their access. This paper examines what firewalls protect against, and whether those protections sufficient warrant placing the current level trust firewalls.
ucdavis.edu 参考文章(30)
Sean Philip Peisert, Sidney Karin, A model of forensic analysis using goal-oriented logging University of California at San Diego. ,(2007)
Pasi Eronen, Jukka Zitting, An expert system for analyzing firewall rules ,(2001)
Fred Chris Smith, Rebecca Gurley Bace, A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony as an Expert Technical Witness ,(2002)
Cristian Estan, George Varghese, Stefan Savage, Sumeet Singh, Automated worm fingerprinting operating systems design and implementation. pp. 4- 4 ,(2004)
Michael E. Locasto, Ke Wang, Angelos D. Keromytis, Salvatore J. Stolfo, FLIPS: Hybrid Adaptive Intrusion Prevention Lecture Notes in Computer Science. pp. 82- 101 ,(2006) , 10.1007/11663812_5
Avishai Wool, Architecting the Lumeta firewall analyzer usenix security symposium. pp. 7- 7 ,(2001)
Tom�s E. Uribe, Steven Cheung, Automatic analysis of firewall and network intrusion detection system configurations formal methods in security engineering. ,vol. 15, pp. 66- 74 ,(2004) , 10.1145/1029133.1029143
Sean Peisert, Matt Bishop, Sidney Karin, Keith Marzullo, Analysis of Computer Intrusions Using Sequences of Function Calls IEEE Transactions on Dependable and Secure Computing. ,vol. 4, pp. 137- 150 ,(2007) , 10.1109/TDSC.2007.1003
Yair Bartal, Alain Mayer, Kobbi Nissim, Avishai Wool, Firmato: A novel firewall management toolkit ACM Transactions on Computer Systems. ,vol. 22, pp. 381- 420 ,(2004) , 10.1145/1035582.1035583
Matt Bishop, The insider problem revisited new security paradigms workshop. pp. 75- 76 ,(2005) , 10.1145/1146269.1146287