A formal model of network policy analysis. Valenza, F., Spinoso, S., Basile, C., Sisto, R., & Lioy, A. In Proceedings of the 1st IEEE International Forum on Research and Technologies for Society and Industry (RTSI 2015), pages 516-522, 2015.
The complexity of network topology together with heterogeneity of network services make the network configuration a hard task, even for skilled and experienced administrators. In order to reduce the complexity of the network configuration, administrators have leveraged network policies, introducing hence new possibility of error. Indeed, erroneous and unexpected network behaviour (e.g., security flaws) can derive from the wrong network policy definition, but also from the possible anomalies among policies of different domains. This paper presents a formal model for detecting inter- and intra-domain policy anomalies. Policy anomalies allow administrators to identify all the network behaviours they consider erroneous or to be monitored. To validate the generality of the proposed solution, the model has been applied to three policy domains (packet filtering, communication protection and service function chaining) and the impact of an anomaly detection analysis was tested in different sized networks. © 2015 IEEE.
