{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:48:29Z","timestamp":1742914109073,"version":"3.40.3"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319461397"},{"type":"electronic","value":"9783319461403"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-46140-3_19","type":"book-chapter","created":{"date-parts":[[2016,9,14]],"date-time":"2016-09-14T00:39:51Z","timestamp":1473813591000},"page":"229-243","source":"Crossref","is-referenced-by-count":2,"title":["An Approach to Resolve NP-Hard Problems of Firewalls"],"prefix":"10.1007","author":[{"given":"Ahmed","family":"Khoumsi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohamed","family":"Erradi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Meryeme","family":"Ayache","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wadie","family":"Krombi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,9,15]]},"reference":[{"key":"19_CR1","unstructured":"Information Technology Security Evaluation Criteria (ITSEC), v1.2. Office for Official Publications of the European Communities, Luxembourg, June 1991"},{"key":"19_CR2","doi-asserted-by":"crossref","unstructured":"Elmallah, E., Gouda, M.G.: Hardness of firewall analysis. In: International Conference on NETworked sYStems (NETYS), Marrakesh, Morocco, May 2014","DOI":"10.1007\/978-3-319-09581-3_11"},{"key":"19_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"221","DOI":"10.1007\/978-3-319-17040-4_14","volume-title":"Foundations and Practice of Security","author":"A Khoumsi","year":"2015","unstructured":"Khoumsi, A., Krombi, W., Erradi, M.: A formal approach to verify completeness and detect anomalies in firewall security policies. In: Cuppens, F., Garcia-Alfaro, J., Zincir Heywood, N., Fong, P.W.L. (eds.) FPS 2014. LNCS, vol. 8930, pp. 221\u2013236. Springer, Heidelberg (2015)"},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Hoffman, D., Yoo, K.: Blowtorch: a framework for firewall test automation. In: 20th IEEE\/ACM International Conference on Automated Software Engineering (ASE), Long Beach, California, USA, pp. 96\u2013103, November 2005","DOI":"10.1145\/1101908.1101925"},{"issue":"3","key":"19_CR5","doi-asserted-by":"crossref","first-page":"214","DOI":"10.1016\/S0167-4048(03)00310-9","volume":"22","author":"S Kamara","year":"2003","unstructured":"Kamara, S., Fahmy, S., Schultz, E., Kerschbaum, F., Frantzen, M.: Analysis of vulnerabilities in internet firewalls. Comput. Secur. 22(3), 214\u2013232 (2003)","journal-title":"Comput. Secur."},{"issue":"6","key":"19_CR6","doi-asserted-by":"crossref","first-page":"62","DOI":"10.1109\/MC.2004.2","volume":"37","author":"A Wool","year":"2004","unstructured":"Wool, A.: A quantitative study of firewall configuration errors. Computer 37(6), 62\u201367 (2004)","journal-title":"Computer"},{"key":"19_CR7","doi-asserted-by":"crossref","unstructured":"Acharya, H.B., Gouda, M.G.: Firewall verification and redundancy checking are equivalent. In: 30th IEEE International Conference on Computer Communication (INFOCOM), Shanghai, China, pp. 2123\u20132128, April 2011","DOI":"10.1109\/INFCOM.2011.5935023"},{"issue":"4","key":"19_CR8","doi-asserted-by":"crossref","first-page":"424","DOI":"10.1109\/TPDS.2008.216","volume":"21","author":"AX Liu","year":"2010","unstructured":"Liu, A.X., Gouda, M.G.: Complete redundancy removal for packet classifiers in TCAMs. IEEE Trans. Parallel Distrib. Syst. 21(4), 424\u2013437 (2010)","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Acharya, H.B., Gouda, M.G.: Projection, division: linear space verification of firewalls. In: 30th International Conference on Distributed Computing Systems (ICDCS), Genova, Italy, pp. 736\u2013743, June 2010","DOI":"10.1109\/ICDCS.2010.68"},{"key":"19_CR10","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E., Marrero, W., El-Atawy, A., Elbadawi, K.: Network configuration in a box: towards end-to-end verification of networks reachability and security. In: 17th IEEE International Conference on Network Protocols (ICNP), Princeton, NJ, USA, pp. 736\u2013743, October 2009","DOI":"10.1109\/ICNP.2009.5339690"},{"issue":"9","key":"19_CR11","doi-asserted-by":"crossref","first-page":"1237","DOI":"10.1109\/TPDS.2007.70802","volume":"19","author":"AX Liu","year":"2008","unstructured":"Liu, A.X., Gouda, M.G.: Diverse firewall design. IEEE Trans. Parallel Distrib. Syst. 19(9), 1237\u20131251 (2008)","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"1","key":"19_CR12","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1109\/TNSM.2004.4623689","volume":"1","author":"E Al-Shaer","year":"2004","unstructured":"Al-Shaer, E., Hamed, H.: Modeling and management of firewall policies. IEEE Trans. Netw. Serv. Manag. 1(1), 2\u201310 (2004)","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"issue":"3","key":"19_CR13","first-page":"92","volume":"3","author":"K Karoui","year":"2013","unstructured":"Karoui, K., Ben Ftima, F., Ben Ghezala, H.: Formal specification, verification, correction of security policies based on the decision tree approach. Int. J. Data Netw. Secur. 3(3), 92\u2013111 (2013)","journal-title":"Int. J. Data Netw. Secur."},{"issue":"12","key":"19_CR14","first-page":"1387","volume":"2","author":"M Madhuri","year":"2013","unstructured":"Madhuri, M., Rajesh, K.: Systematic detection and resolution of firewall policy anomalies. Int. J. Res. Comput. Commun. Technol. (IJRCCT) 2(12), 1387\u20131392 (2013)","journal-title":"Int. J. Res. Comput. Commun. Technol. (IJRCCT)"},{"key":"19_CR15","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1016\/j.cose.2013.01.004","volume":"39","author":"J Garcia-Alfaro","year":"2013","unstructured":"Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Martinez Perez, S., Cabot, J.: Management of stateful firewall misconfiguration. Comput. Secur. 39, 64\u201385 (2013)","journal-title":"Comput. Secur."},{"key":"19_CR16","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"crossref","first-page":"174","DOI":"10.1007\/978-3-642-30436-1_15","volume-title":"Information Security and Privacy Research","author":"F Cuppens","year":"2012","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Garcia-Alfaro, J., Moataz, T., Rimasson, X.: Handling stateful firewall anomalies. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol. 376, pp. 174\u2013186. Springer, Heidelberg (2012)"},{"issue":"4","key":"19_CR17","doi-asserted-by":"crossref","first-page":"1106","DOI":"10.1016\/j.comnet.2006.06.015","volume":"51","author":"AX Liu","year":"2007","unstructured":"Liu, A.X., Gouda, M.G.: Structured firewall design. Comput. Netw.: Int. J. Comput. Telecommun. Netw. 51(4), 1106\u20131120 (2007)","journal-title":"Comput. Netw.: Int. J. Comput. Telecommun. Netw."},{"key":"19_CR18","unstructured":"Yuan, L., Mai, J., Su, Z., Chen, H., Chuah, C.-N., Mohapatra, P.: FIREMAN: a toolkit for FIREwall modeling and analysis. In: IEEE Symposium on Security and Privacy (S&P), Berkeley\/Oakland, CA, USA, May 2006"},{"issue":"8","key":"19_CR19","doi-asserted-by":"crossref","first-page":"677","DOI":"10.1109\/TC.1986.1676819","volume":"35","author":"RE Bryant","year":"1986","unstructured":"Bryant, R.E.: Graph-based algorithms for Boolean function manipulation. IEEE Trans. Comput. 35(8), 677\u2013691 (1986)","journal-title":"IEEE Trans. Comput."},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Mallouli, W., Orset, J., Cavalli, A., Cuppens, N., Cuppens, F.: A formal approach for testing security rules. In: 12th ACM Symposium on Access Control Models and Technologies (SACMAT), Sophia Antipolis, France, June 2007","DOI":"10.1145\/1266840.1266860"},{"key":"19_CR21","doi-asserted-by":"crossref","first-page":"1090","DOI":"10.1109\/5.533956","volume":"84","author":"D Lee","year":"1996","unstructured":"Lee, D., Yannakakis, M.: Principles and methods of testing finite state machines - a survey. Proc. IEEE 84, 1090\u20131126 (1996)","journal-title":"Proc. IEEE"},{"key":"19_CR22","doi-asserted-by":"crossref","unstructured":"El Kalam, A.A., El Baida, R, Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Mi\u00e8ge, A., Saurel, C., Trouessin, G.: Organization based access control. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (POLICY), Lake Come, Italy, June 2003","DOI":"10.1109\/POLICY.2003.1206966"},{"issue":"4","key":"19_CR23","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1049\/iet-ifs:20060171","volume":"1","author":"L Lu","year":"2007","unstructured":"Lu, L., Safavi-Naini, R., Horton, J., Susilo, W.: Comparing and debugging firewall rule tables. IET Inf. Secur. 1(4), 143\u2013151 (2007)","journal-title":"IET Inf. Secur."},{"key":"19_CR24","doi-asserted-by":"crossref","unstructured":"Mansmann, F., G\u00f6bel, T., Cheswick, W.: Visual analysis of complex firewall configurations. In: 9th International Symposium on Visualization for Cyber Security (VizSec), Seattle, WA, USA, pp. 1\u20138, October 2012","DOI":"10.1145\/2379690.2379691"},{"key":"19_CR25","doi-asserted-by":"crossref","unstructured":"Krombi, W., Erradi, M., Khoumsi, A.: Automata-based approach to design and analyze security policies. In: Internernational Conference on Privacy, Security and Trust (PST), Toronto, Canada (2014)","DOI":"10.1109\/PST.2014.6890953"},{"key":"19_CR26","volume-title":"Computers and Intractability: A Guide to the Theory of NP-Completeness","author":"MR Garey","year":"1979","unstructured":"Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. AW.H. Freeman, San Francisco (1979)"}],"container-title":["Lecture Notes in Computer Science","Networked Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-46140-3_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,24]],"date-time":"2017-06-24T18:44:15Z","timestamp":1498329855000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-46140-3_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319461397","9783319461403"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-46140-3_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}