NCIL – 2015 #IJSRD

NCIL – 2015 #IJSRD Publication Partner

National Conference on "Student-driven Research for Inspired Learning" in Science and Technology

Publication Partner International Journal for scientific research & Development (IJSRD)

Date: 16-17 October 2015

http://ncilindia.in/

http://mac.du.ac.in/

NCIL - 2015

Objective

We are pleased to announce the 2nd National Conference on “Student-driven Research for Inspired Learning” (NCIL 2015) in Science and Technology on 16 - 17 October 2015 being organized by Embedded Systems and Robotics Centre (ESRC) and Department of Electronics, Maharaja Agrasen College, University of Delhi.

The primary objective of this conference is to provide a forum to share the wide and varied practices and initiatives of the student driven and institutionally-supported research at the undergraduate/ postgraduate level which leads to the combination of factors necessary for pedagogical effectiveness, enhanced learning outcomes, research productivity, promote networking and stimulate discussion.

The spot light of the conference shall vary widely from broad research to technical skills with focus on group research where students are exposed to open-ended problems, but in a more structured and less resource intensive way than one-on-one mentoring typical of research experience for undergraduate/ postgraduate programs.

Target Audience

• Teachers / Mentors / Educators
• Under-graduate and Post-graduate Students

from the field of Bio Technology, Chemistry, Computer Science, Electronics, Embedded Systems, Information Technology, Instrumentation, Life Sciences, Mathematics, Nanotechnology,Physics, Robotics, any other related fields.

Call for Papers

We invite Educators, Scholars and Students to contribute to the conference with papers/posters that address themes mentioned above. Faculty members / Students interested to attend the conference may register by filling registration form attached below latest by 10th September 2015. Early submissions are welcome. The papers received will be reviewed by a panel of experts and the authors of the selected papers will be informed accordingly.

All papers presented in the conference shall be published in Special edition of International Journal  for Scientific Research & Development (ISSN No (online). 2321-0613. Impact Factor: 2.39)

Organised by

Embedded Systems and Robotics Center, and Department of Electronics Maharaja Agrasen College University of Delhi Vasundhara Enclave Delhi - 110096

Publication Partner

International Journal  for Scientific Research & Development Website: ijsrd.com

A Novel Management Framework for Policy Anomaly in Firewall

IJSRD - International Journal for Scientific Research & Development

IJSRD Found good research work on Computer Science & Engineering Research Area related to Anomaly in Firewall.

Abstract

The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Firewalls are the most widely deployed security mechanism to ensure the security of private networks in most businesses and institutions. The effectiveness of security protection provided by a firewall mainly depends on the quality of policy configured in the firewall. Unfortunately, designing and managing firewall policies are often error-prone due to the complex nature of firewall configurations as well as the lack of systematic analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. We also discuss a proof-of-concept implementation of a visualization-based firewall policy analysis tool called Firewall Anomaly Management Environment (FAME). In addition, we demonstrate how efficiently our approach can discover and resolve anomalies in firewall policies through rigorous experiments using Automatic rule generation technique.

Key words: FAME, policy anomaly, firewall, segment

I. PROPOSED WORK AND SYSTEM ARCHITECTURE 

A distributed firewall preserves central control of access policy, which eliminates the dependency on topology. The proposed work introduces new ARG (Automatic Rule Generation) algorithm for distributed firewalls. The ARG algorithm proposed for automatically generating rules, detecting and resolving policy anomaly in distributed firewalls. By automating the task of administrator in distributed environment, it reduces the complexity and increases flexibility.[1]

The proposed system architecture in Fig.1 which has the following advantages: (i) No restriction for topological boundary. (ii) Automatic rule generation detects and resolves the policy anomalies in distributed firewalls. (iii) Eliminates redundancy (iv) Reduces complexity and increases flexibility.

In the proposed work, rules and actions are generated or modified according to the changes in the requirements of the dynamic environment. When a client sends a data packet to network, firewall checks the packet characteristics and decides to allow/deny the packet flow into the network. [1] The firewall rule anomalies are identified using packet space segmentation technique, and then the risk of anomalies is assessed, based upon the risk, the firewall rules are re-ordered. Risk assessment is measured using an upper bound and lower bound threshold values.

Fig. Data Flow Diagram

 The proposed work includes the following stages:
  Automatic rule generation
  Packet Space Segmentation
  Action Constraint Generation
  Rule Reordering
  Data Package

 A. Automatic Rule Generation:

When the client wants to send data packets to the network, some set of firewall rules should be satisfied to allow the packets in Fig 2. For this, network administrators from different location allocate certain firewall rules to the server. Here generation of firewall rules and actions are done automatically. This process is performed by taking certain specifications and constraints. [1] The specification are taken and mapped randomly to generate the firewall rules. The rules are generated in the rule engine, the action happens when a client sends data packet to rule engine.

For More Click Here...

WebSite: www.ijsrd.com