{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:51:54Z","timestamp":1742914314707,"version":"3.40.3"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319170398"},{"type":"electronic","value":"9783319170404"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-17040-4_14","type":"book-chapter","created":{"date-parts":[[2015,4,4]],"date-time":"2015-04-04T09:05:56Z","timestamp":1428138356000},"page":"221-236","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A Formal Approach to Verify Completeness and Detect Anomalies in Firewall Security Policies"],"prefix":"10.1007","author":[{"given":"Ahmed","family":"Khoumsi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wadie","family":"Krombi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohammed","family":"Erradi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,4,5]]},"reference":[{"issue":"1","key":"14_CR1","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1109\/TNSM.2004.4623689","volume":"1","author":"E Al-Shaer","year":"2004","unstructured":"Al-Shaer, E., Hamed, H.: Modeling and management of firewall policies. IEEE Trans. Netw. Serv. Manage. 1(1), 2\u201310 (2004)","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"issue":"3","key":"14_CR2","first-page":"92","volume":"3","author":"K Karoui","year":"2013","unstructured":"Karoui, K., Ben Ftima, F., Ben Ghezala, H.: Formal specification, verification and correction of security policies based on the decision tree approach. Int. J. Data Netw. Secur. 3(3), 92\u2013111 (2013)","journal-title":"Int. J. Data Netw. Secur."},{"issue":"12","key":"14_CR3","first-page":"1387","volume":"2","author":"M Madhuri","year":"2013","unstructured":"Madhuri, M., Rajesh, K.: Systematic detection and resolution of firewall policy anomalies. Int. J. Res. Comput. Commun. Technol. (IJRCCT) 2(12), 1387\u20131392 (2013)","journal-title":"Int. J. Res. Comput. Commun. Technol. (IJRCCT)"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Chen, Z., Guo, S., Duan, R.; Research on the anomaly discovering algorithm of the packet filtering rule sets. In 1st International Conference on Pervasive Computing, Signal Processing and Applications (PCSPA), Harbin, China, pp. 362\u2013366, September 2010","DOI":"10.1109\/PCSPA.2010.94"},{"key":"14_CR5","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.cose.2013.01.004","volume":"39","author":"J Garcia-Alfaro","year":"2013","unstructured":"Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Martinez Perez, S., Cabot, J.: Management of stateful firewall misconfiguration. Comput. Secur. 39, 64\u201385 (2013)","journal-title":"Comput. Secur."},{"key":"14_CR6","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"174","DOI":"10.1007\/978-3-642-30436-1_15","volume-title":"Information Security and Privacy Research","author":"F Cuppens","year":"2012","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Garcia-Alfaro, J., Moataz, T., Rimasson, X.: Handling stateful firewall anomalies. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol. 376, pp. 174\u2013186. Springer, Heidelberg (2012)"},{"issue":"9","key":"14_CR7","doi-asserted-by":"publisher","first-page":"1237","DOI":"10.1109\/TPDS.2007.70802","volume":"19","author":"AX Liu","year":"2008","unstructured":"Liu, A.X., Gouda, M.G.: Diverse firewall design. IEEE Trans. Parallel Distrib. Syst. 19(9), 1237\u20131251 (2008)","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"4","key":"14_CR8","first-page":"1106","volume":"51","author":"AX Liu","year":"2007","unstructured":"Liu, A.X., Gouda, M.G.: Structured firewall design. Comput. Netw. Int. J. Comput. Telecommun. Netw. 51(4), 1106\u20131120 (2007)","journal-title":"Comput. Netw. Int. J. Comput. Telecommun. Netw."},{"key":"14_CR9","unstructured":"Yuan, L., Mai, J., Su, Z., Chen, H., Chuah, C.-N., Mohapatra, P.: FIREMAN: a toolkit for firewall modeling and analysis. In: IEEE Symposium on Security and Privacy (S&P), Berkeley\/Oakland, May 2006"},{"issue":"8","key":"14_CR10","doi-asserted-by":"publisher","first-page":"677","DOI":"10.1109\/TC.1986.1676819","volume":"35","author":"RE Bryant","year":"1986","unstructured":"Bryant, R.E.: Graph-based algorithms for boolean function manipulation. IEEE Trans. Comput. 35(8), 677\u2013691 (1986)","journal-title":"IEEE Trans. Comput."},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Mallouli, W., Orset, J., Cavalli, A., Cuppens, N., Cuppens, F.: A formal approach for testing security rules. In: 12th ACM Symposium on Access Control Models and Technologies (SACMAT), Sophia Antipolis, France, June 2007","DOI":"10.1145\/1266840.1266860"},{"key":"14_CR12","doi-asserted-by":"publisher","first-page":"1090","DOI":"10.1109\/5.533956","volume":"84","author":"D Lee","year":"1996","unstructured":"Lee, D., Yannakakis, M.: Principles and methods of testing finite state machines - a survey. Proc. IEEE 84, 1090\u20131126 (1996)","journal-title":"Proc. IEEE"},{"key":"14_CR13","unstructured":"El Kalam, A.A., El Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Mi\u00e8ge, A., Saurel, C., Trouessin, G.: Organization based access control. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (POLICY), Lake Come, Italy, June 2003"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Mansmann, F., G\u00f6bel, T., Cheswick, W.: Visual analysis of complex firewall configurations. In: 9th International Symposium on Visualization for Cyber Security (VizSec), Seattle, pp. 1\u20138, October 2012","DOI":"10.1145\/2379690.2379691"},{"issue":"4","key":"14_CR15","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1049\/iet-ifs:20060171","volume":"1","author":"L Lu","year":"2007","unstructured":"Lu, L., Safavi-Naini, R., Horton, J., Susilo, W.: Comparing and debugging firewall rule tables. IET Inf. Secur. 1(4), 143\u2013151 (2007)","journal-title":"IET Inf. Secur."},{"key":"14_CR16","doi-asserted-by":"crossref","unstructured":"Krombi, W., Erradi, M., Khoumsi, A.: Automata-based approach to design and analyze security policies. In: International Conference on Privacy, Security and Trust (PST), Toronto, Canada (2014)","DOI":"10.1109\/PST.2014.6890953"},{"key":"14_CR17","unstructured":"Scarfone, K., Hauffman, P.: Guidelines on Firewalls and Firewall Policy, Recommendations of the National Institute of Standards and Technology (NIST). Special Publication 800\u201341, Revision 1, 2\u20131, September 2009"},{"issue":"1","key":"14_CR18","first-page":"6","volume":"5","author":"S Madhavi","year":"2014","unstructured":"Madhavi, S., Raghu, G.: Segment generation approach for firewall policy anomaly resolution. Int. J. Comput. Sci. Inf. Technol. (IJCSIT) 5(1), 6\u201311 (2014)","journal-title":"Int. J. Comput. Sci. Inf. Technol. (IJCSIT)"},{"issue":"3","key":"14_CR19","doi-asserted-by":"publisher","first-page":"318","DOI":"10.1109\/TDSC.2012.20","volume":"9","author":"H Hu","year":"2012","unstructured":"Hu, H., Ahn, G., Kulkarni, K.: Detecting and resolving firewall policy anomalies. IEEE Trans. Dependable Secure Comput. 9(3), 318\u2013331 (2012)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"14_CR20","volume-title":"Computers and Intractability: A Guide to the Theory of NP-Completeness","author":"MR Garey","year":"1979","unstructured":"Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. A.W.H. Freeman, San Francisco (1979)"},{"key":"14_CR21","doi-asserted-by":"crossref","unstructured":"Elmallah, E., Gouda, M.G.: Hardness of firewall analysis. In: International Conference on NETworked sYStems (NETYS), Marrakesh, Morocco, May 2014","DOI":"10.1007\/978-3-319-09581-3_11"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-17040-4_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,27]],"date-time":"2023-01-27T19:50:14Z","timestamp":1674849014000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-17040-4_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319170398","9783319170404"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-17040-4_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"5 April 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}