A graph-based methodology for analyzing IP spoofing attack
作者: V. Santiraveewan , Y. Permpoontanalarp
DOI: 10.1109/AINA.2004.1283792
关键词:
摘要: Firewalls offer a protection for private networks against both internal and external attacks. However, configuring firewalls to ensure the protections is difficult task. The main reason lack of methodology analyze security firewall configurations. IP spoofing attack an in which attacker can impersonate another person towards victim. We propose new verifying vulnerability configurations synthesizing spoofing-free Our based on graph theory, provides simple intuitive approach analysis attack.
ieeecomputersociety.org参考文章(5)
Giovanni Vigna, Richard A. Kemmerer, NetSTAT: a network-based intrusion detection system Journal of Computer Security. ,vol. 7, pp. 37- 71 ,(1999) , 10.3233/JCS-1999-7103
Y. Permpoontanalarp, C. Rujimethabhas, A graph theoretic model for hardware-based firewalls international conference on networks. pp. 228- 233 ,(2001) , 10.1109/ICON.2001.962345
Yongyuth Permpoontanalarp, Chaiwat Rujimethabhas, A Unified Methodology for Verification and Synthesis of Firewall Configurations international conference on information and communication security. pp. 328- 339 ,(2001) , 10.1007/3-540-45600-7_36
J.D. Guttman, Filtering postures: local enforcement for global policies ieee symposium on security and privacy. pp. 120- 129 ,(1997) , 10.1109/SECPRI.1997.601327
A. Mayer, A. Wool, E. Ziskind, Fang: a firewall analysis engine ieee symposium on security and privacy. pp. 177- 187 ,(2000) , 10.1109/SECPRI.2000.848455