Misconfigurations discovery between distributed security components using the mobile agent approach

Abstract

Nowadays, to survey and guarantee the security policy in networks, the administrator uses different network security components, such as firewalls and intrusion detection systems (IDS). For a perfect interoperability between these components in the network, these latter must be configured properly to avoid misconfiguration anomalies between them. However, there are a set of anomalies between alerting rules in the IDS and filtering rules in firewalls, that degrade the network security policy. In this paper, we will present a mobile agent based architecture to detect misconfigurations between these distributed components and generate a new set of rules free of errors. A case study will illustrate the effectiveness of our approach.