Evaluation of binary decision diagrams for redundancy, shadowing, generalisation and correlation in an Information sharing model.

Uthmani, Omair; Buchanan, William J; Fan, Lu; Lawson, Alistair

Evaluation of binary decision diagrams for redundancy, shadowing, generalisation and correlation in an Information sharing model.

Uthmani, Omair; Buchanan, William J; Fan, Lu; Lawson, Alistair

Authors

Omair Uthmani

Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor

Lu Fan

Alistair Lawson A.Lawson@napier.ac.uk
Associate Professor

Abstract

This paper defines a structured methodology which is based on the foundational work of Al-Shaer et al. in [1] and that of Hamed and Al-Shaer in [2]. It defines a methodology for the declaration of policy field elements, through to the syntax, ontology and functional verification stages. In their works of [1] and [2] the authors concentrated on developing formal definitions of possible anomalies between rules in a network firewall rule set. Their work is considered as the foundation for further works on anomaly detection, including those of Fitzgerald et al. [3], Chen et al. [4], Hu et al. [5], among others. This paper extends this work by applying the methods to information sharing policies, and outlines the evaluation related to these.

Working Paper Type	Working Paper
Deposit Date	Nov 5, 2013
Peer Reviewed	Peer Reviewed
Keywords	Policy field elements; network firewall; anomaly detection; binary decision diagrams;
Public URL	http://researchrepository.napier.ac.uk/id/eprint/6469
Contract Date	Nov 5, 2013