A parallel approach for detecting OpenFlow rule anomalies based on a general formalism

Abstract: Summary As the policies of a software‐defined networking (SDN) network can be updated dynamically and often at a high pace, conflicts between policies can easily occur. Due to the large number of switches and heterogeneous policies within a typical SDN network, detecting those conflicts is a laborious and challenging task. This article presents three main contributions. First, we devise an offline method for detecting unmatched OpenFlow rules, that is, rules that are never fired. In our taxonomy such anomalies… Show more

“…Stateful firewall misconfiguration checking as stated before does not have any substantial differences, even using the same definitions without adding more types of misconfigurations. Some of the papers that check stateful firewalls include [26,27,29,41,59]. The first paper listed is an extension of "Firewall Policy Advisor", the tool that essentially started the work in this field.…”

“…SDN-focused anomaly detection occurs in very recent papers such as [1,29,41,59,60]. Unlike the early days of firewalls, the majority of the development into SDNs goes into an open framework that the various solutions are built upon.…”

Misconfiguration in Firewalls and Network Access Controls: Literature Review

“…Stateful firewall misconfiguration checking as stated before does not have any substantial differences, even using the same definitions without adding more types of misconfigurations. Some of the papers that check stateful firewalls include [26,27,29,41,59]. The first paper listed is an extension of "Firewall Policy Advisor", the tool that essentially started the work in this field.…”

“…SDN-focused anomaly detection occurs in very recent papers such as [1,29,41,59,60]. Unlike the early days of firewalls, the majority of the development into SDNs goes into an open framework that the various solutions are built upon.…”

Misconfiguration in Firewalls and Network Access Controls: Literature Review