Etd

Reusable Annotations for Matching of Event Sequences to Construct Firewall Policies

Public

Downloadable Content

open in viewer

Organizations of all types use firewall systems to protect their networks from threats. Those firewalls are governed by the policies used to configure them. The PEACE (Policy Enforcement and Access Control for End-points) system is a new combination, network-plus-host based firewall that gives analysts a novel new set of data to build policy attributes for. This data are semi-structured strings that represent the hierarchy of graphical user interface components that have been interacted with around the time that host sent a network request. The multivariate, hierarchical, semi-structured nature of this data can make it a laborious or non-intuitive task to create the string matching rules that are used by the firewall policies. We present a targeted, interactive, event-sequence based \cite{cappers2017exploring} tool for the purpose of building policies for the PEACE firewall system's graphical user interface data.

Creator
Contributors
Degree
Unit
Publisher
Identifier
  • etd-3131
Advisor
Defense date
Year
  • 2019
Date created
  • 2019-12-13
Resource type
Rights statement
Last modified
  • 2023-11-06

Relations

In Collection:

Items

Items

Permanent link to this page: https://digital.wpi.edu/show/z890rw52c