Abstract:
Firewalls are core elements of network security. However, managing firewall rules is an
error-prone task, especially for less experienced administrators. Filtering rules that are not
carefully written and ordered can introduce policy anomalies, and these anomalies can themselves
make the network vulnerable. Firewall rule classification is therefore essential for determining
the proper placement and ordering of rules, free of policy anomalies, when filtering rules are
inserted or modified. In this thesis, a firewall rules classifier is developed based on the
Intra-Firewall Policy Anomaly Algorithm in order to discover and alert on all possible policy
anomalies in the IPCop firewall, which is used in Small Office Home Office (SOHO) networks. The
main purpose of this classifier is to help the administrator who is configuring the firewall to
write conflict-free firewall rules easily by giving advisory alerts. The firewall is implemented
in a small campus network prototype and tested in a virtual network built with
VMware Workstation 10. The firewall policy for this system is based on our own predefined security
policy for this network. The developed classifier can assist administrators by advising on all
possible types of anomalies in the firewall settings.
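
The pairwise check behind such a classifier, as an added example that is not the thesis's code and does not use IPCop's rule format. It assumes the anomaly names and definitions of the intra-firewall taxonomy published by Al-Shaer and Hamed (shadowing, generalization, correlation, redundancy); the rule tuple layout and the sample policy are constructed, and redundancy is reported only for a later rule already covered by an earlier one.

```python
from ipaddress import ip_network
from itertools import combinations

# Rule = (proto, src_cidr, dst_cidr, dst_port, action); "*" means any.
# Constructed sample policy, evaluated first-match from top to bottom.
POLICY = [
    ("tcp", "10.0.1.0/24", "0.0.0.0/0", 80, "deny"),
    ("tcp", "10.0.1.5/32", "0.0.0.0/0", 80, "accept"),
    ("tcp", "10.0.0.0/16", "0.0.0.0/0", 80, "accept"),
    ("udp", "10.0.2.0/24", "172.16.0.0/16", 53, "accept"),
    ("udp", "10.0.2.0/24", "172.16.5.0/24", 53, "accept"),
    ("udp", "10.0.2.7/32", "172.16.0.0/12", "*", "deny"),
]

def field_rel(a, b, is_net):
    """How field a relates to field b: eq, sub(set), sup(erset) or dis(joint)."""
    if is_net:
        a, b = ip_network(a), ip_network(b)
    if a == b:
        return "eq"
    if is_net:
        return "sub" if a.subnet_of(b) else "sup" if b.subnet_of(a) else "dis"
    return "sub" if b == "*" else "sup" if a == "*" else "dis"

def rule_rel(x, y):
    """Relation of rule x's match space to rule y's."""
    rels = {field_rel(x[i], y[i], i in (1, 2)) for i in range(4)}
    if "dis" in rels:
        return "disjoint"
    rels.discard("eq")
    if not rels:
        return "exact"
    return {("sub",): "subset", ("sup",): "superset"}.get(tuple(rels), "correlated")

def find_anomalies(policy):
    """Return (earlier_no, later_no, anomaly) for every anomalous rule pair."""
    found = []
    for (i, early), (j, late) in combinations(enumerate(policy, 1), 2):
        rel, same = rule_rel(late, early), late[4] == early[4]
        if rel in ("exact", "subset"):      # later rule can never fire
            found.append((i, j, "redundancy" if same else "shadowing"))
        elif rel == "superset" and not same:
            found.append((i, j, "generalization"))
        elif rel == "correlated" and not same:
            found.append((i, j, "correlation"))
    return found

if __name__ == "__main__":
    for early, late, kind in find_anomalies(POLICY):
        print(f"rule {late} vs rule {early}: {kind}")
```

Shadowing and redundancy both mean the later rule never matches a packet; the difference is whether removing it would change the policy's intent, which is why an advisory alert rather than automatic deletion suits them.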