[1] RUBIN A D, GEER D, RANUM M J. Web Security Sourcebook[M]. New York:John Wiley & Sons, 1997:14-15. [2] YOON M K, CHEN S, ZHANG Z. Minimizing the maximum firewall rule set in a network with multiple firewalls[J]. IEEE Transactions on Computers, 2009, 59(2):218-230. [3] 张昭理,洪帆,肖海军.一种防火墙规则冲突检测算法[J].计算机工程与应用,2007,43(15):111-113.(ZHANG S L, HONG F, XIAO H J. Firewall rule conflict discovery algorithm[J]. Computer Engineering and Applications, 2007, 43(15):111-113.) [4] 殷奕,汪芸.防火墙规则间包含关系的解析方法[J].计算机应用,2015,35(11):3083-3086,3101.(YIN Y, WANG Y. Analysis method of inclusion relations between firewall rules[J]. Journal of Computer Applications, 2015, 35(11):3083-3086,3101.) [5] 唐晔.一种基于规则分解映射的防火墙规则匹配算法[J].计算机应用,2009,29(11):2969-2971,2976.(TANG Y. Rule matching mapping algorithm for firewall based on rule decomposion mapping[J]. Journal of Computer Applications, 2009, 29(11):2969-2971,2976.) [6] 施荣华,莫锐,赵文涛.一种基于冲突检测的无关联规则集匹配算法[J].计算机工程与科学,2010,32(10):1-4.(SHI R H, MO R, ZHAO W T. An irrelative rule set match algorithm based on collision detection[J]. Computer Engineering and Science, 2010, 32(10):1-4.) [7] 卢云龙,罗守山,郭玉鹏.基于改进策略树的防火墙策略审计方案设计与实现[J].信息网络安全,2014(10):64-69.(LU Y L, LUO S S, GUO Y P. The design and implementation of firewall policy audit plan based on improved strategy tree[J]. Netinfo Security, 2014(10):64-69.) [8] LIU A X. Formal verification of firewall policies[C]//Proceedings of the 2008 IEEE International Conference on Communications. Piscataway, NJ:IEEE, 2008:1494-1498. [9] KAROUI K, FTIMA F B, GHEZALA H B. Firewalls anomalies severity evaluation and classification[J]. International Journal of Security & Networks, 2014, 9(3):167-176. [10] LIAO X J, WANG Y, LU H. Rule anomalies detection in firewalls[J]. Key Engineering Materials, 2011, 474/475/476:822-827.(无期) [11] ALSHAER E S, HAMED H H. Discovery of policy anomalies in distributed firewalls[C]//Proceedings of the 2004 IEEE International Conference on Computer Communications, Piscataway, NJ:IEEE, 2004:2605-2616. [12] 张丽.分布式防火墙策略异常检测算法的研究[D].南京:南京理工大学,2007:44-48.(ZHANG L. The research on distributed firewall policy anomaly detection algorithm[D]. Nanjing:Nanjing University of Science and Technology, 2007:44-48.) [13] 吴军,邓宝龙,邵定宏.基于SMFDD实现分布式防火墙异常规则检测及优化[J].计算机工程与设计,2014,35(11):3741-3746.(WU J, DENG B L, SHAO D H. Anomaly detection and optimization of distributed firewall rules based on SMFDD[J]. Computer Engineering and Design, 2014, 35(11):3741-3746.) [14] THANASEGARAN S, TATEIWA Y, KATAYAMA Y, et al. Design and implementation of conflict detection system for time-based firewall policies[J]. Journal of Next Generation Information Technology, 2011, 2(4):24-39. [15] CHEN F, LIU A X, HWANG J, et al. First step towards automatic correction of firewall policy faults[J]. ACM Transactions on Autonomous & Adaptive Systems, 2011, 7(2):439-447. |