ISSN 0021-3454 (print version)
ISSN 2500-0381 (online version)
Menu

9
Issue
vol 60 / SEPTEMBER, 2017
Article
UDC 004.056

FILTERING POLICY VERIFICATION BASED ON EVENT CALCULUS AND ABDUCTION REASONING

Сидельникова Е. В.
;


Тишков А. В.
;


I. V. Kotenko
St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, Laboratory of Computer Security Problems ; Professor


Abstract. The abductive reasoning approach to verification of filtering policy is considered. The anomaly classification for rules of firewall access control list is proposed. Various scenarios of firewall functioning modeling are analyzed on the base of Event Calculus. Application of abductive search methods for detection and resolution of filtering policy anomalies is presented. These methods are based on disjoint granulation of rule conditions.
Keywords: firewall, traffic filtering, abductive reasoning, network traffic filtering anomaly.