Faculty Advisor or Committee Member

Craig A. Shue, Advisor

Identifier

etd-3131

Abstract

Organizations of all types use firewall systems to protect their networks from threats. Those firewalls are governed by the policies used to configure them. The PEACE (Policy Enforcement and Access Control for End-points) system is a new combination, network-plus-host based firewall that gives analysts a novel new set of data to build policy attributes for. This data are semi-structured strings that represent the hierarchy of graphical user interface components that have been interacted with around the time that host sent a network request. The multivariate, hierarchical, semi-structured nature of this data can make it a laborious or non-intuitive task to create the string matching rules that are used by the firewall policies. We present a targeted, interactive, event-sequence based \cite{cappers2017exploring} tool for the purpose of building policies for the PEACE firewall system's graphical user interface data.

Publisher

Worcester Polytechnic Institute

Degree Name

MS

Department

Computer Science

Project Type

Thesis

Date Accepted

2019-04-04

Accessibility

Unrestricted

Subjects

firewall systems

Share

COinS