@inproceedings{ae8e197c6ccf4b48831091a708a46785,
title = "Towards network security policy generation for configuration analysis and testing",
abstract = "Access-control lists are an essential part in the security framework of any system. Researchers are always in need to have a repository of ready made policies for conducting research and development. Such policies, especially firewall policies which are the focus of our work, are needed to perform performance testing as well as configuration analysis. In this paper we introduce a novel technique to perform access-control policy generation. The proposed approach learns policy parameters from a set of given policies. It generates policies that conform with natural policy-writing practices while following the grammar syntax required by the security device. A probabilistic learning approach is used to infer transition probabilities for the given policy grammar.",
keywords = "Policy generation, Policy grammar, Security policy",
author = "Taghrid Samak and Adel El-Atawy and Ehab Al-Shaer",
year = "2009",
doi = "10.1145/1655062.1655072",
language = "English",
isbn = "9781605587783",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
pages = "45--52",
booktitle = "Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09",
note = "2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 ; Conference date: 09-11-2009 Through 13-11-2009",
}