Automatic Firewall Anomaly Resolution
Reference persons FULVIO VALENZA
Thesis type THEORETICAL/EXPERIMENTAL
Description Firewalls are known as the main architectural element for the security of every IT system. Firewalls have been widely used as the very first frontier to protect not only small individual and local networks but also large networks from these cyberattacks. Moreover, nowadays firewalls are not used as perimetral defenses only but are more and more adopted to protect internal layers in large networks, for instance in industrial networks and critical infrastructures, where defense in depth is required. Unfortunately, the configuration of firewalls is mostly designed manually by network administrators, and the support of automatic or semi-automatic tools for this task is limited. In this scenario, the possibility of introducing human errors in such configurations is high and this can have a great impact on the effectiveness of the firewall in providing an adequate security and protection level. This is even more critical in large networks and virtualized environments. Specifically, in large networks, many security mechanisms are in place and flaws in a firewall configuration could easily propagate through the entire network.
The objective of the thesis is to define a tool that reduces the number of anomalies in firewalls’ configurations that the administrators are usually obligated to manually solve
Required skills Reti di Calcolatori, Cybersecurity, Programmazione Java
Deadline 05/11/2023 PROPONI LA TUA CANDIDATURA