User-controllable Firewall Policy Management

Time: April 30, 2009 - 9:00 AM - 10:00 AM

Location: INI Conference Room, Lower Level


Presenter: Wang Xiaodong

Refreshments Served

Supervisor: Norman Sadeh, Professor at School of Computer Science
Reader: Paul Hankes Drielsma, Post-Doc at School of Computer Science

Users increasingly interact with policy management interfaces (e.g. privacy settings on Facebook), but they have difficulty specifying such policies well. Some applications use machine learning to assist users because users are limited in their ability to express their intended policy.

In my thesis, I propose a user-controllable approach to firewall policy management. Although a firewall policy is merely a sequence of rules, configuring and revising it correctly is by no means easy and is error-prone. My approach extends the audit log mechanism of the classical model and customizes the efficient policy learning model for firewall policies. Moreover, a deviation metric is introduced to evaluate the transition policies.

In the research, we started from the initial policy transition, but experiments proved it to be computationally impossible and inefficient. Later, an efficient transition model was developed along with our new space division algorithm and policy transition algorithm. Transition policies are scored with three metrics: Transition Score, Deviation Score and Complexity Score. Finally, to demonstrate our model’s validity and efficiency, I conducted several experiments that varied the input variables: the number of audited network flows for each transition and the number of extensions during a single transition. The results show the potential and efficiency of the proposed approach. They also point to some interesting open challenges for future research.