International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Interfirewall optimization across various administrative domain for enabling ...Editor IJMTER
Network security is usually protected by a firewall, which checks in-out packets against
a set of defined policies or rules. Hence, the overall performance of the firewall generally depend on
its rule management. For example, the performance can be decreased when there are firewall rule
anomalies. The anomalies may happen when two sets of firewall rules are overlapped or their
decision parts are both an acceptance and a denial simultaneously. Firewall optimization focuses on
either inter-firewall or intra-firewall optimization within one administrative domain where the
privacy of firewall policies is not a concern. Explore interfirewall optimization across administrative
domain for the first time. The key technical challenge is that firewall policy cannot be shared across
domains because a firewall policy contains confidential information and even potential security
holes, which can be exploited by attackers. Using interfirewall redundant rule which overcome the
prior problem and enable the interfirewall optimization across administrative domains. Also propose
the first cross domain cooperative firewall (CDCF) policy optimization protocol. The optimization
process involves cooperative computation between the two firewall without any party disclosing its
policy to the other.
A Novel Management Framework for Policy Anomaly in Firewallijsrd.com
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Firewalls are the most widely deployed security mechanism to ensure the security of private networks in most businesses and institutions. The effectiveness of security protection provided by a firewall mainly depends on the quality of policy configured in the firewall. Unfortunately, designing and managing firewall policies are often error-prone due to the complex nature of firewall configurations as well as the lack of systematic analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. We also discuss a proof-of-concept implementation of a visualization-based firewall policy analysis tool called Firewall Anomaly Management Environment (FAME). In addition, we demonstrate how efficiently our approach can discover and resolve anomalies in firewall policies through rigorous experiments using Automatic rule generation technique.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Interfirewall optimization across various administrative domain for enabling ...Editor IJMTER
Network security is usually protected by a firewall, which checks in-out packets against
a set of defined policies or rules. Hence, the overall performance of the firewall generally depend on
its rule management. For example, the performance can be decreased when there are firewall rule
anomalies. The anomalies may happen when two sets of firewall rules are overlapped or their
decision parts are both an acceptance and a denial simultaneously. Firewall optimization focuses on
either inter-firewall or intra-firewall optimization within one administrative domain where the
privacy of firewall policies is not a concern. Explore interfirewall optimization across administrative
domain for the first time. The key technical challenge is that firewall policy cannot be shared across
domains because a firewall policy contains confidential information and even potential security
holes, which can be exploited by attackers. Using interfirewall redundant rule which overcome the
prior problem and enable the interfirewall optimization across administrative domains. Also propose
the first cross domain cooperative firewall (CDCF) policy optimization protocol. The optimization
process involves cooperative computation between the two firewall without any party disclosing its
policy to the other.
A Novel Management Framework for Policy Anomaly in Firewallijsrd.com
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Firewalls are the most widely deployed security mechanism to ensure the security of private networks in most businesses and institutions. The effectiveness of security protection provided by a firewall mainly depends on the quality of policy configured in the firewall. Unfortunately, designing and managing firewall policies are often error-prone due to the complex nature of firewall configurations as well as the lack of systematic analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. We also discuss a proof-of-concept implementation of a visualization-based firewall policy analysis tool called Firewall Anomaly Management Environment (FAME). In addition, we demonstrate how efficiently our approach can discover and resolve anomalies in firewall policies through rigorous experiments using Automatic rule generation technique.
Distributed firewalls and ids interoperability checking based on a formal app...IJCNCJournal
To supervise and guarantee a network security, the administrator uses different security components, such
as firewalls, IDS and IPS. For a perfect interoperability between these components, they must be
configured properly to avoid misconfiguration between them. Nevertheless, the existence of a set of
anomalies between filtering rules and alerting rules, particularly in distributed multi-component
architectures is very likely to degrade the network security. The main objective of this paper is to check if a
set of security components are interoperable. A case study using a firewall and an IDS as examples will
illustrate the usefulness of our approach.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
Internet Protocol (IP) : It is the method or protocol by which data is sent from one computer to another on the Internet. [1]
Original version of the Internet Protocol that was first designed in 1983. [2]
Security: “The quality or state of being
secure—to be free from danger”.
IPSec protects all the traffic over the
network.
Distributed Packet Filtering Firewall for Enhanced Security In Mobile Ad-Hoc ...IJERA Editor
The nodes in MANET are free to move in a limited grid layout without the presence of vision of the superior
authority or administration. The nodes in network are free to move in any other network at any time. That means
the nodes are join or leave the network at any instant, that's why the security is the major issue in MANET.
Routing protocols are not able to handle the malicious activities of attacker because their function is to provide
the path in between sender to receiver and route data from the path which is selected for transferring information.
This paper proposed the distributed security scheme for providing reliable path and secure communication. The
proposed bloom filtering technique is not only filtering the unwanted infected packets of routing attacker. It's
also recovered the modified data and protects IP modification with the help of new route establishment
mechanism. The proposed bloom filter is provides the secure communication and stop the attacker infection. The
Bloom filter removes the IP modified packets that shows the presence of malicious routing attacker in dynamic
network. The normal routing performance and proposed bloom filter is almost equivalent. The performance of
network is measured through performance metrics and proposed distributed security scheme provides better
performance.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
On ranges and null spaces of a special type of operator named 𝝀 − 𝒋𝒆𝒄𝒕𝒊𝒐𝒏. – ...IJMER
In this article, 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛 has been introduced which is a generalization of trijection
operator as introduced in P.Chandra’s Ph. D. thesis titled “Investigation into the theory of operators
and linear spaces” (Patna University,1977). We obtain relation between ranges and null spaces of two
given 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛𝑠 under suitable conditions
To make a biogas energy from different sources & creating awareness between h...IJMER
Biogas from biomass appears as an alternative source of energy, which is potentially enriched in biomass resources. This article gives an overview of present and future use of biomass as an industrial feedstock for production of fuels, chemicals and other materials. However, to be truly competitive in an open market situation, higher value products are required. Results suggest that biogas technology must be encouraged, promoted, invested, implemented, and demonstrated, but especially in remote rural areas. Different types of wastes are used for production of biogas .these wastes are found very easy and an every palace. This article helps to make biogas form different wastes. From this study, it can be concluded that this method not only contributed to renewable biogas production but also improved the effluent quality
Artificial Intelligence based optimization of weld bead geometry in laser wel...IJMER
This paper reports on a modeling and optimization of laser welding of aluminum-magnesium alloy thickness of 1.7mm. Regression analysis is used for modeling and Genetic algorithm is used for optimize the process parameters.The input values for the regression methods is taken according the Taguchi based orthogonal array. A software named Computer aided Robust Parameter Genetic Algorithm CARPGA has been developed in MATLAB 2013 which combine all of these methodologies. This software has been validated with some published paper.
An Experimental Investigation of Capacity Utilization in Manufacturing Indus...IJMER
In the modern day competitive world, every organization demands an effective utilization of
capacity. Capacity Utilization means the maximum amount of output that can be produced in the short run of time. A lot of planning is necessary for the proper management of capacity. Capacity planning is one side of a coin and capacity management is the other. The capacity plans needs to be executed flawlessly, with unpleasant surprises avoided. A managerial problem is to match the capacity with the plans. Companies whether labour or machine intensive have a CI trend that remains fairly constant in
that particular sector. For example a company will have a monthly cumulative CI trend that could be compared with any other company trend within the same market. The present paper makes an attempt to study the most important parameter of the organization i.e capacity utilization of a company
On ranges and null spaces of a special type of operator named 𝝀 − 𝒋𝒆𝒄𝒕𝒊𝒐𝒏. – ...IJMER
In this article, 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛 has been introduced which is a generalization of trijection
operator as introduced in P.Chandra’s Ph. D. thesis titled “Investigation into the theory of operators
and linear spaces” (Patna University,1977). We obtain relation between ranges and null spaces of two
given 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛𝑠 under suitable conditions.
Stability of the Equilibrium Position of the Centre of Mass of an Inextensibl...IJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
Distributed firewalls and ids interoperability checking based on a formal app...IJCNCJournal
To supervise and guarantee a network security, the administrator uses different security components, such
as firewalls, IDS and IPS. For a perfect interoperability between these components, they must be
configured properly to avoid misconfiguration between them. Nevertheless, the existence of a set of
anomalies between filtering rules and alerting rules, particularly in distributed multi-component
architectures is very likely to degrade the network security. The main objective of this paper is to check if a
set of security components are interoperable. A case study using a firewall and an IDS as examples will
illustrate the usefulness of our approach.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
Internet Protocol (IP) : It is the method or protocol by which data is sent from one computer to another on the Internet. [1]
Original version of the Internet Protocol that was first designed in 1983. [2]
Security: “The quality or state of being
secure—to be free from danger”.
IPSec protects all the traffic over the
network.
Distributed Packet Filtering Firewall for Enhanced Security In Mobile Ad-Hoc ...IJERA Editor
The nodes in MANET are free to move in a limited grid layout without the presence of vision of the superior
authority or administration. The nodes in network are free to move in any other network at any time. That means
the nodes are join or leave the network at any instant, that's why the security is the major issue in MANET.
Routing protocols are not able to handle the malicious activities of attacker because their function is to provide
the path in between sender to receiver and route data from the path which is selected for transferring information.
This paper proposed the distributed security scheme for providing reliable path and secure communication. The
proposed bloom filtering technique is not only filtering the unwanted infected packets of routing attacker. It's
also recovered the modified data and protects IP modification with the help of new route establishment
mechanism. The proposed bloom filter is provides the secure communication and stop the attacker infection. The
Bloom filter removes the IP modified packets that shows the presence of malicious routing attacker in dynamic
network. The normal routing performance and proposed bloom filter is almost equivalent. The performance of
network is measured through performance metrics and proposed distributed security scheme provides better
performance.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
On ranges and null spaces of a special type of operator named 𝝀 − 𝒋𝒆𝒄𝒕𝒊𝒐𝒏. – ...IJMER
In this article, 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛 has been introduced which is a generalization of trijection
operator as introduced in P.Chandra’s Ph. D. thesis titled “Investigation into the theory of operators
and linear spaces” (Patna University,1977). We obtain relation between ranges and null spaces of two
given 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛𝑠 under suitable conditions
To make a biogas energy from different sources & creating awareness between h...IJMER
Biogas from biomass appears as an alternative source of energy, which is potentially enriched in biomass resources. This article gives an overview of present and future use of biomass as an industrial feedstock for production of fuels, chemicals and other materials. However, to be truly competitive in an open market situation, higher value products are required. Results suggest that biogas technology must be encouraged, promoted, invested, implemented, and demonstrated, but especially in remote rural areas. Different types of wastes are used for production of biogas .these wastes are found very easy and an every palace. This article helps to make biogas form different wastes. From this study, it can be concluded that this method not only contributed to renewable biogas production but also improved the effluent quality
Artificial Intelligence based optimization of weld bead geometry in laser wel...IJMER
This paper reports on a modeling and optimization of laser welding of aluminum-magnesium alloy thickness of 1.7mm. Regression analysis is used for modeling and Genetic algorithm is used for optimize the process parameters.The input values for the regression methods is taken according the Taguchi based orthogonal array. A software named Computer aided Robust Parameter Genetic Algorithm CARPGA has been developed in MATLAB 2013 which combine all of these methodologies. This software has been validated with some published paper.
An Experimental Investigation of Capacity Utilization in Manufacturing Indus...IJMER
In the modern day competitive world, every organization demands an effective utilization of
capacity. Capacity Utilization means the maximum amount of output that can be produced in the short run of time. A lot of planning is necessary for the proper management of capacity. Capacity planning is one side of a coin and capacity management is the other. The capacity plans needs to be executed flawlessly, with unpleasant surprises avoided. A managerial problem is to match the capacity with the plans. Companies whether labour or machine intensive have a CI trend that remains fairly constant in
that particular sector. For example a company will have a monthly cumulative CI trend that could be compared with any other company trend within the same market. The present paper makes an attempt to study the most important parameter of the organization i.e capacity utilization of a company
On ranges and null spaces of a special type of operator named 𝝀 − 𝒋𝒆𝒄𝒕𝒊𝒐𝒏. – ...IJMER
In this article, 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛 has been introduced which is a generalization of trijection
operator as introduced in P.Chandra’s Ph. D. thesis titled “Investigation into the theory of operators
and linear spaces” (Patna University,1977). We obtain relation between ranges and null spaces of two
given 𝜆 − 𝑗𝑒𝑐𝑡𝑖𝑜𝑛𝑠 under suitable conditions.
Stability of the Equilibrium Position of the Centre of Mass of an Inextensibl...IJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
Discrete Model of Two Predators competing for One PreyIJMER
This paper investigates the dynamical behavior of a discrete model of one prey two
predator systems. The equilibrium points and their stability are analyzed. Time series plots are obtained
for different sets of parameter values. Also bifurcation diagrams are plotted to show dynamical behavior
of the system in selected range of growth parameter
Integration of Struts & Spring & Hibernate for Enterprise ApplicationsIJMER
The proposal of this paper is to present Spring Framework which is widely used in
developing enterprise applications. Considering the current state where applications are developed using
the EJB model, Spring Framework assert that ordinary java beans(POJO) can be utilize with minimal
modifications. This modular framework can be used to develop the application faster and can reduce
complexity. This paper will highlight the design overview of Spring Framework along with its features that
have made the framework useful. The integration of multiple frameworks for an E-commerce system has
also been addressed in this paper. This paper also proposes structure for a website based on integration of
Spring, Hibernate and Struts Framework.
Comparing: Routing Protocols on Basis of sleep modeIJMER
The architecture of ad hoc wireless network consists of mobile nodes for communication
without the use of fixed-position routers. The communication between them takes place without
centralized control. Routing is a very crucial issue, so to deal with this routing algorithms must deliver
the packet in significant delay. There are different protocols for handling the mobile environment like
AODV, DSR and OLSR. But this paper will focus on performance of AODV and OLSR routing protocols.
The performance of these protocols is analyzed on two metrics: time and throughput
SURVEY ON COOPERATIVE FIREWALL ANOMALY DETECTION AND REDUNDANCY MANAGEMENTijsrd.com
Network security is essential for protecting the private and public networks such as banking and educational zones. Network can use different kinds of security mechanism. Among this firewall is one of the security mechanisms. The Firewalls are used as a protection barrier among the two different networks. The performance of firewall is mainly based on firewall policies. The firewall policies are used to decide whether the packets can be permitted or to be refused. These rules are crucial for the operation of firewall policies. The firewall policy contains erroneous configurations like rule redundancies, errors and conflicts. Such, conflicts are resolved by various mechanisms based on their errors. The following techniques are used for some error detection and correction process like cross-domain cooperative firewall, firewall compression, firewall decision diagrams, firewall verification tool and anomaly detection tools like FAME(Firewall Anomaly Management Environment),FPA(Firewall Policy Advisor, Fireman etc.
ANALYSIS OF SECURITY ASPECTS FOR DYNAMIC RESOURCE MANAGEMENT IN DISTRIBUTED S...ijcseit
Millions of people all over the world are now connected to the Internet for doing business. Therefore, the demand for Internet and web-based services continues to grow. So, need to install required infrastructure to balance the computing. In spite the success of new infrastructure, it is susceptible to several critical
malfunctions. Therefore, to guarantee the secure operations on Network and Data, several solutions need to be developed. The researchers are working in this direction to have the better solution for security. In distributed environment, at the time of management of resources both computing and networking,
resource allocation and resource utilization, etc, the security is most crucial problem. In this paper, an extensive review has been made on the different security aspect, different types of attack and techniques to sustain and block the attack in the distributed environment.
ANALYSIS OF SECURITY ASPECTS FOR DYNAMIC RESOURCE MANAGEMENT IN DISTRIBUTED S...ijcseit
Millions of people all over the world are now connected to the Internet for doing business. Therefore, the
demand for Internet and web-based services continues to grow. So, need to install required infrastructure
to balance the computing. In spite the success of new infrastructure, it is susceptible to several critical
malfunctions. Therefore, to guarantee the secure operations on Network and Data, several solutions need
to be developed. The researchers are working in this direction to have the better solution for security.
In distributed environment, at the time of management of resources both computing and networking,
resource allocation and resource utilization, etc, the security is most crucial problem. In this paper, an
extensive review has been made on the different security aspect, different types of attack and techniques to
sustain and block the attack in the distributed environment.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
PERFORMANCE EVALUATION OF ENHANCEDGREEDY-TWO-PHASE DEPLOYMENT ALGORITHMIJNSA Journal
Firewall is one of the most widely utilized component on any network architecture, since that a deployment is a very important step to turn the initial policy to a target policy. This operation must be done without presenting any risks or flaws. Much research has already addressed the conflict detection of policies and optimization, but in our paper we will focus on researches that talk about strategies for the security of policy deployment, some researchers have proposed a number of algorithms to solve this problem, we will discuss one of these algorithm then we propose an amelioration of this strategy. In [1], we have proposed a correct algorithm for the deployment type I. But in this work we will study the performance evaluation of the new solution called “Enhanced-Two-Phase-Deployment”. We show that the proposed solution is most efficient.
A Complete Guide To Firewall How To Build A Secure Networking System.pptxBluechipComputerSyst
In today's interconnected world, the value of a secure networking system cannot be overstated. In a digital landscape where businesses
https://www.bluechip-gulf.ae/guide-firewall-build-secure-networking-system/
Redundancy removal of rules with reordering them to increase the firewall opt...eSAT Journals
Abstract
Firewalls are widely getting used for securing the private network. Firewalls check each incoming and outgoing packets and according the rules given by network administrator and it will take the decision whether to accept or discard the packet. As per the huge requirement of services on internet the rule set becomes large and takes more time to process one packet and it affects the throughput of firewall. So firewall optimization has a great demand to get good performance. Exiting research efforts developed techniques for either intra-firewall or inter-firewall optimization within a single administrative domain. In addition, existing techniques are inefficient in reducing packet processing delay, because they optimize firewall rules by only reducing the number of rules, but lack the intelligence to decide the order of rules. This paper proposes an adaptive cross-domain firewall policy optimization technique using statistical analysis, while protecting the policy confidentiality. To the best of our knowledge, we are the first to propose a technique that dynamically decides the order of rules based on the network statistics. The proposed technique not only identifies and removes redundant rules but also identifies the order of rules in the rule set to improve the performance of the system. The optimization process involves two tasks: First, collaboratively reduce the number of rules between multiple firewalls, while protecting confidentiality of them. Second, using network usage statistics, identify the order of rules in the rule set The feasibility of the proposed technique is shown with the help of the prototype implementation. The evaluation results show the effectiveness and efficiency of the proposed solution.
Keywords: Civilization, Redundancies, Adjoining, Privacy, Stiff.
Firewall is a device or set of instruments designed to permit or deny network transmissions based upon a set of rules and regulation is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass or during the sensitive data transmission. Distributed firewalls allow enforcement of security policies on a network without restricting its topology on an inside or outside point of view. Use of a policy language and centralized delegating its semantics to all members of the networks domain support application of firewall technology for organizations, which network devices communicate over insecure channels and still allow a logical separation of hosts in- and outside the trusted domain. We introduce the general concepts of such distributed firewalls, its requirements and implications and introduce its suitability to common threats on the Internet, as well as give a short discussion on contemporary implementations.
A Study on Translucent Concrete Product and Its Properties by Using Optical F...IJMER
- Translucent concrete is a concrete based material with light-transferring properties,
obtained due to embedded light optical elements like Optical fibers used in concrete. Light is conducted
through the concrete from one end to the other. This results into a certain light pattern on the other
surface, depending on the fiber structure. Optical fibers transmit light so effectively that there is
virtually no loss of light conducted through the fibers. This paper deals with the modeling of such
translucent or transparent concrete blocks and panel and their usage and also the advantages it brings
in the field. The main purpose is to use sunlight as a light source to reduce the power consumption of
illumination and to use the optical fiber to sense the stress of structures and also use this concrete as an
architectural purpose of the building
Developing Cost Effective Automation for Cotton Seed DelintingIJMER
A low cost automation system for removal of lint from cottonseed is to be designed and
developed. The setup consists of stainless steel drum with stirrer in which cottonseeds having lint is mixed
with concentrated sulphuric acid. So lint will get burn. This lint free cottonseed treated with lime water to
neutralize acidic nature. After water washing this cottonseeds are used for agriculter purpose
Study & Testing Of Bio-Composite Material Based On Munja FibreIJMER
The incorporation of natural fibres such as munja fiber composites has gained
increasing applications both in many areas of Engineering and Technology. The aim of this study is to
evaluate mechanical properties such as flexural and tensile properties of reinforced epoxy composites.
This is mainly due to their applicable benefits as they are light weight and offer low cost compared to
synthetic fibre composites. Munja fibres recently have been a substitute material in many weight-critical
applications in areas such as aerospace, automotive and other high demanding industrial sectors. In
this study, natural munja fibre composites and munja/fibreglass hybrid composites were fabricated by a
combination of hand lay-up and cold-press methods. A new variety in munja fibre is the present work
the main aim of the work is to extract the neat fibre and is characterized for its flexural characteristics.
The composites are fabricated by reinforcing untreated and treated fibre and are tested for their
mechanical, properties strictly as per ASTM procedures.
Hybrid Engine (Stirling Engine + IC Engine + Electric Motor)IJMER
Hybrid engine is a combination of Stirling engine, IC engine and Electric motor. All these 3 are
connected together to a single shaft. The power source of the Stirling engine will be a Solar Panel. The aim of
this is to run the automobile using a Hybrid engine
Fabrication & Characterization of Bio Composite Materials Based On Sunnhemp F...IJMER
The present day technology demands eco-friendly developments. In this era the
composite material are playing a vital roal in different field of Engineering .The composite materials
are using as a principle materials. Nowaday the composite materials are utilizing as a important
component of engineering field .Where as the importance of the applications of composites is well
known, but thrust on the use of natural fibres in it for reinforcement has been given priority for some
times. But changing from synthetic fibres to natural fibres provides only half green-composites. A
partial green composite will be achieved if the matrix component is also eco-friendly. Keeping this in
view, a detailed literature surveyed has been carried out through various issues of the Journals
related to this field. The material systems used are sunnhemp fibres. Some epoxy and hardener has
been also added for stability and drying of the bio-composites. Various graphs and bar-charts are
super-imposed on each other for comparison among themselves and Graphs is plotted on MAT LAB
and ORIGIN 6.0 software. To determining tensile strengths, Various properties for different biocomposites
have been compared among themselves. Comparison of the behaviour of bio-composites of
this work has been also compare with other works. The bio-composites developed in this work are
likely to get applications in fall ceilings, partitions, bio-degradable packagings, automotive interiors,
sports things (e.g. rackets, nets, etc.), toys etc.
Geochemistry and Genesis of Kammatturu Iron Ores of Devagiri Formation, Sandu...IJMER
The Greenstone belts of Karnataka are enriched in BIFs in Dharwar craton, where Iron
formations are confined to the basin shelf, clearly separated from the deeper-water iron formation that
accumulated at the basin margin and flanking the marine basin. Geochemical data procured in terms of
major, trace and REE are plotted in various diagrams to interpret the genesis of BIFs. Al2O3, Fe2O3 (T),
TiO2, CaO, and SiO2 abundances and ratios show a wide variation. Ni, Co, Zr, Sc, V, Rb, Sr, U, Th,
ΣREE, La, Ce and Eu anomalies and their binary relationships indicate that wherever the terrigenous
component has increased, the concentration of elements of felsic such as Zr and Hf has gone up. Elevated
concentrations of Ni, Co and Sc are contributed by chlorite and other components characteristic of basic
volcanic debris. The data suggest that these formations were generated by chemical and clastic
sedimentary processes on a shallow shelf. During transgression, chemical precipitation took place at the
sediment-water interface, whereas at the time of regression. Iron ore formed with sedimentary structures
and textures in Kammatturu area, in a setting where the water column was oxygenated.
Experimental Investigation on Characteristic Study of the Carbon Steel C45 in...IJMER
In this paper, the mechanical characteristics of C45 medium carbon steel are investigated
under various working conditions. The main characteristic to be studied on this paper is impact toughness
of the material with different configurations and the experiment were carried out on charpy impact testing
equipment. This study reveals the ability of the material to absorb energy up to failure for various
specimen configurations under different heat treated conditions and the corresponding results were
compared with the analysis outcome
Non linear analysis of Robot Gun Support Structure using Equivalent Dynamic A...IJMER
Robot guns are being increasingly employed in automotive manufacturing to replace
risky jobs and also to increase productivity. Using a single robot for a single operation proves to be
expensive. Hence for cost optimization, multiple guns are mounted on a single robot and multiple
operations are performed. Robot Gun structure is an efficient way in which multiple welds can be done
simultaneously. However mounting several weld guns on a single structure induces a variety of
dynamic loads, especially during movement of the robot arm as it maneuvers to reach the weld
locations. The primary idea employed in this paper, is to model those dynamic loads as equivalent G
force loads in FEA. This approach will be on the conservative side, and will be saving time and
subsequently cost efficient. The approach of the paper is towards creating a standard operating
procedure when it comes to analysis of such structures, with emphasis on deploying various technical
aspects of FEA such as Non Linear Geometry, Multipoint Constraint Contact Algorithm, Multizone
meshing .
Static Analysis of Go-Kart Chassis by Analytical and Solid Works SimulationIJMER
This paper aims to do modelling, simulation and performing the static analysis of a go
kart chassis consisting of Circular beams. Modelling, simulations and analysis are performed using 3-D
modelling software i.e. Solid Works and ANSYS according to the rulebook provided by Indian Society of
New Era Engineers (ISNEE) for National Go Kart Championship (NGKC-14).The maximum deflection is
determined by performing static analysis. Computed results are then compared to analytical calculation,
where it is found that the location of maximum deflection agrees well with theoretical approximation but
varies on magnitude aspect.
In récent year various vehicle introduced in market but due to limitation in
carbon émission and BS Séries limitd speed availability vehicle in the market and causing of
environnent pollution over few year There is need to decrease dependancy on fuel vehicle.
bicycle is to be modified for optional in the future To implement new technique using change in
pedal assembly and variable speed gearbox such as planetary gear optimise speed of vehicle
with variable speed ratio.To increase the efficiency of bicycle for confortable drive and to
reduce torque appli éd on bicycle. we introduced epicyclic gear box in which transmission done
throgh Chain Drive (i.e. Sprocket )to rear wheel with help of Epicyclical gear Box to give
number of différent Speed during driving.To reduce torque requirent in the cycle with change in
the pedal mechanism
Microcontroller Based Automatic Sprinkler Irrigation SystemIJMER
Microcontroller based Automatic Sprinkler System is a new concept of using
intelligence power of embedded technology in the sprinkler irrigation work. Designed system replaces
the conventional manual work involved in sprinkler irrigation to automatic process. Using this system a
farmer is protected against adverse inhuman weather conditions, tedious work of changing over of
sprinkler water pipe lines & risk of accident due to high pressure in the water pipe line. Overall
sprinkler irrigation work is transformed in to a comfortableautomatic work. This system provides
flexibility & accuracy in respect of time set for the operation of a sprinkler water pipe lines. In present
work the author has designed and developed an automatic sprinkler irrigation system which is
controlled and monitored by a microcontroller interfaced with solenoid valves.
On some locally closed sets and spaces in Ideal Topological SpacesIJMER
In this paper we introduce and characterize some new generalized locally closed sets
known as
δ
ˆ
s-locally closed sets and spaces are known as
δ
ˆ
s-normal space and
δ
ˆ
s-connected space and
discussed some of their properties
Intrusion Detection and Forensics based on decision tree and Association rule...IJMER
This paper present an approach based on the combination of, two techniques using
decision tree and Association rule mining for Probe attack detection. This approach proves to be
better than the traditional approach of generating rules for fuzzy expert system by clustering methods.
Association rule mining for selecting the best attributes together and decision tree for identifying the
best parameters together to create the rules for fuzzy expert system. After that rules for fuzzy expert
system are generated using association rule mining and decision trees. Decision trees is generated for
dataset and to find the basic parameters for creating the membership functions of fuzzy inference
system. Membership functions are generated for the probe attack. Based on these rules we have
created the fuzzy inference system that is used as an input to neuro-fuzzy system. Fuzzy inference
system is loaded to neuro-fuzzy toolbox as an input and the final ANFIS structure is generated for
outcome of neuro-fuzzy approach. The experiments and evaluations of the proposed method were
done with NSL-KDD intrusion detection dataset. As the experimental results, the proposed approach
based on the combination of, two techniques using decision tree and Association rule mining
efficiently detected probe attacks. Experimental results shows better results for detecting intrusions as
compared to others existing methods
Natural Language Ambiguity and its Effect on Machine LearningIJMER
"Natural language processing" here refers to the use and ability of systems to process
sentences in a natural language such as English, rather than in a specialized artificial computer
language such as C++. The systems of real interest here are digital computers of the type we think of as
personal computers and mainframes. Of course humans can process natural languages, but for us the
question is whether digital computers can or ever will process natural languages. We have tried to
explore in depth and break down the types of ambiguities persistent throughout the natural languages
and provide an answer to the question “How it affects the machine translation process and thereby
machine learning as whole?” .
Today in era of software industry there is no perfect software framework available for
analysis and software development. Currently there are enormous number of software development
process exists which can be implemented to stabilize the process of developing a software system. But no
perfect system is recognized till yet which can help software developers for opting of best software
development process. This paper present the framework of skillful system combined with Likert scale. With
the help of Likert scale we define a rule based model and delegate some mass score to every process and
develop one tool name as MuxSet which will help the software developers to select an appropriate
development process that may enhance the probability of system success.
Material Parameter and Effect of Thermal Load on Functionally Graded CylindersIJMER
The present study investigates the creep in a thick-walled composite cylinders made
up of aluminum/aluminum alloy matrix and reinforced with silicon carbide particles. The distribution
of SiCp is assumed to be either uniform or decreasing linearly from the inner to the outer radius of
the cylinder. The creep behavior of the cylinder has been described by threshold stress based creep
law with a stress exponent of 5. The composite cylinders are subjected to internal pressure which is
applied gradually and steady state condition of stress is assumed. The creep parameters required to
be used in creep law, are extracted by conducting regression analysis on the available experimental
results. The mathematical models have been developed to describe steady state creep in the composite
cylinder by using von-Mises criterion. Regression analysis is used to obtain the creep parameters
required in the study. The basic equilibrium equation of the cylinder and other constitutive equations
have been solved to obtain creep stresses in the cylinder. The effect of varying particle size, particle
content and temperature on the stresses in the composite cylinder has been analyzed. The study
revealed that the stress distributions in the cylinder do not vary significantly for various combinations
of particle size, particle content and operating temperature except for slight variation observed for
varying particle content. Functionally Graded Materials (FGMs) emerged and led to the development
of superior heat resistant materials.
Energy Audit is the systematic process for finding out the energy conservation
opportunities in industrial processes. The project carried out studies on various energy conservation
measures application in areas like lighting, motors, compressors, transformer, ventilation system etc.
In this investigation, studied the technical aspects of the various measures along with its cost benefit
analysis.
Investigation found that major areas of energy conservation are-
1. Energy efficient lighting schemes.
2. Use of electronic ballast instead of copper ballast.
3. Use of wind ventilators for ventilation.
4. Use of VFD for compressor.
5. Transparent roofing sheets to reduce energy consumption.
So Energy Audit is the only perfect & analyzed way of meeting the Industrial Energy Conservation.
An Implementation of I2C Slave Interface using Verilog HDLIJMER
The focus of this paper is on implementation of Inter Integrated Circuit (I2C) protocol
following slave module for no data loss. In this paper, the principle and the operation of I2C bus protocol
will be introduced. It follows the I2C specification to provide device addressing, read/write operation and
an acknowledgement. The programmable nature of device provide users with the flexibility of configuring
the I2C slave device to any legal slave address to avoid the slave address collision on an I2C bus with
multiple slave devices. This paper demonstrates how I2C Master controller transmits and receives data to
and from the Slave with proper synchronization.
The module is designed in Verilog and simulated in ModelSim. The design is also synthesized in Xilinx
XST 14.1. This module acts as a slave for the microprocessor which can be customized for no data loss.
Application of Parabolic Trough Collectorfor Reduction of Pressure Drop in Oi...IJMER
Pipelines are the least expensive and most effective method for the oil transportation.
Due to high viscosity of crude oil, the pressure drop and pumping power requirements are very high.
So it is necessary to bring down the viscosity of crude oil. Heated pipelines are used reduce the oil
viscosity by increasing the oil temperature. Electrical heating and direct flame heating are the common
method used for heating the oil pipeline. In this work, a new application of Parabolic Trough Collector
in the field of oil pipeline transport is introduced for reducing pressure drop in oil pipelines. Oil
pipeline is heated by applying concentrated solar radiation on the pipe surface using a Parabolic
Trough Collector in which the oil pipeline acts as the absorber pipe. 3-D steady state analysis is
carried out on a heated oil pipeline using commercial CFD software package ANSYS Fluent 14.5. In
this work an effort is made to investigate the effect of concentrated solar radiation for reducing
pressure drop in the oil pipeline. The results from the numerical analysis shows that the pressure drop
in oil pipeline is get reduced by heating the pipe line using concentrated solar radiation. From this
work, the application of PTC in oil pipeline transportation is justified.
Comparing Various SDLC Models On The Basis Of Available MethodologyIJMER
There are various SDLC models widely accepted and employed for developing software.
SDLC models give a theoretical guide line regarding development of the software. Employing proper
SDLC allows the managers to regulate whole development strategy of the software. Each SDLC has its
advantages and disadvantages making it suitable for use under specific condition and constraints for
specified type of software only. We need to understand which SDLC would generate most successful
result when employed for software development. For this we need some method to compare SDLC
models. Various methods have been suggested which allows comparing SDLC models. Comparing SLDC
models is a complex task as there is no mathematical theorem or physical device available. The essence
of this paper is to analyse some methodologies that could result in successful comparison of the SDLC
models. For this we have studied various available tools, techniques and methodologies and have tried
to extract most simple, easy and highly understandable method for comparing SDLC models.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
An Effective Policy Anomaly Management Framework for Firewalls
1. www.ijmer.com
International Journal of Modern Engineering Research (IJMER)
Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2916-2919
ISSN: 2249-6645
An Effective Policy Anomaly Management Framework
for Firewalls
Akula Kranthi Kumar1, Syed Gulam Gouse2
1
2
M.Tech, Nimra College of Engineering & Technology, Vijayawada, A.P., India.
Professor, Dept.of CSE, Nimra College of Engineering & Technology, Vijayawada, A.P., India.
ABSTRACT: Firewalls are devices or programs that control the flow of network traffic between hosts or networks that
employ differing security postures. While firewalls are often discussed in the context of Internet connectivity, they may also
have applicability in various other network environments. At one time, most firewalls were deployed at the network
perimeters. This provided some measure of protection for internal hosts, but it could not recognize all instances and forms of
attacks, and attacks sent from one internal host to another often do not pass through network firewalls. Because of these and
other factors network designers now often include firewall functionality at places other than the network perimeter to
provide an additional layer of network security. Due to the increasing threat of network attacks, firewalls have become
important integrated elements not only in the enterprise networks but also in small-size and home networks. Firewalls have
been the frontier defense for secure networks against attacks and unauthorized traffic by filtering out unnecessary network
traffic coming into or going from the secured network. In this paper, we represent an effective policy anomaly management
framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective
anomaly resolutions.
Keywords: Anomalies, FAME, Firewall, Policies.
I.
INTRODUCTION
With the global Internet connection, network security has gained significant attention in both the research and
industrial communities. Due to the increasing threat of network attacks, firewalls have become important integrated elements
not only in the enterprise networks but also in small-size and home networks. A firewall is a security guard placed at the
point of entry between a private network and the outside Internet so that all incoming and outgoing traffic have to pass
through it. A packet can be viewed as a tuple with a finite number of fields; examples of these fields are source/destination
IP address, source/destination port number, and protocol type. By examining the values of these fields for each incoming and
outgoing packet, a firewall accepts legal packets and discards illegitimate ones according to its configuration.
A firewall configuration defines which packets are legal and which are illegal. An error in a firewall configuration
means a wrong definition of being legitimate or illegitimate for some packets, which will either allow unauthorized access
from the outside Internet to the private network, or disable some legitimate communication between the private network and
the outside network. How to design a correct firewall configuration is therefore a very important security issue. Firewalls
have been the frontier defense for secure networks against many attacks and unauthorized traffic by filtering out unwanted
network traffic coming into or going from the secured network. The filtering decision is taken according to a set of ordered
filtering rules written based on the predefined security policy requirements. Although deployment of firewall technology is
an important step toward securing the networks, the complexity of managing firewall policy might limit the effectiveness of
firewall security. A firewall policy may include anomalies, where a network packet may match with two or more different
filtering rules.
When the filtering rules are defined, serious attention has to be given to rule relations and interactions in order to
determine the proper rule ordering and to guarantee correct security policy semantics. As the number of filtering rules
increases, then the difficulty of writing a new rule or modifying an existing one also increases. It is very likely, in this case,
to introduce the conflicting rules such as one general rule shadowing another specific rule, or correlated rules whose relative
ordering determines different actions for the same packet. In addition, a typical large-scale enterprise network might involve
hundreds of rules that might be written by various administrators in various times. This significantly increases the potential
of the anomaly occurrence in the firewall policy, jeopardizing the security of the protected network [1]. Therefore, the
effectiveness of the firewall security is dependent on providing policy management techniques and tools that enable network
administrators to analyze and verify the correctness of written firewall legacy rules.
II.
RELATED WORK
Effective mechanisms and tools for policy management are crucial to the success of the firewalls. Recently, policy
anomaly detection has received a great deal of attention [2], [3], [4], [5]. Corresponding policy analysis tools, such as
Firewall Policy Advisor [2] and FIREMAN [3], with the goal of detecting the policy anomalies have been introduced.
Firewall Policy Advisor only has the capability of detecting pairwise anomalies in firewall rules. FIREMAN can detect
anomalies among multiple rules by analyzing the relationships between one rule and the collections of packet spaces derived
from all the preceding rules. However, FIREMAN also has several limitations in detecting anomalies [4]. For each firewall
rule, FIREMAN only examines all the preceding rules but ignores all subsequent rules when performing anomaly analysis.
In addition, each analysis result from FIREMAN can only show that there is a misconfiguration between oner ule and its
preceding rules, but cannot accurately indicate all the rules involved in an anomaly.
www.ijmer.com
2916 | Page
2. International Journal of Modern Engineering Research (IJMER)
www.ijmer.com
Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2916-2919
ISSN: 2249-6645
A first approach to addressing our problem domain is the use of the refinement mechanisms. In this way, we can perform a
top-down deployment of the rules by unfolding a global set of security policies into the configurationsof several components
and guaranteeing that those deployed configurations are free of anomalies. In [6], for example, the authors present a
refinement method that uses a formal model for the generation of filtering rules by transforming general rules into specific
configuration rules. Indeed, the authors propose the use of roles to better define of network capabilities, and the use of an
inheritance mechanism through a hierarchy of entities to automatically generate permissions and prohibitions. A second
refinement approach based on the concept of roles is also presented in [7]. However, and although the authors claim that
their work is based on the Role Base Access Control (RBAC) model, their specification of the network entities, roles, and
permission assignments are not rigorous and does not fit any reality. Most of these limitations are solved in the approach as
presented in [8], where a global set of rules based on theOrganization Based Access Control (OrBAC) model [2] are further
deployed into specific firewall configuration files through a transformation process. Generally, the administrators are
reluctant to set up from scratch a whole network security policy, and prefer recycling existing configurations.
III.
FIREWALL POLICIES AND ANOMALIES
A firewall policy rule is defined as a set of criteria and an action to perform when a network packet matches the
criteria. The criteria of a rule consist of the elements direction, protocol, source port, source IP, destination IP and destination
port. Therefore a complete rule may be defined by the ordered tuple <direction, protocol, source IP, source port, destination
IP, destination port, action>. Each attribute can be defined as a range of values, which can be represented and analyzed as
the sets. The relation between two rules essentially mean that the relation between the set of packets they match. Thus the
action field does not come into play when considering the relation between the two rules. Firewall policy anomaly is defined
as the existence of two or more firewall filtering rules that may match the same packet . The existence of a rule that can
never match any network packet on the network paths that cross the firewall also cause anomaly. Till date, five types of
anomalies are discovered – they are: Shadowing Anomalies, Correlation Anomalies, Generalization Anomalies, Redundancy
Anomalies, and Irrelevance Anomalies.
Shadowing anomaly: Two rules are said to have shadowing anomaly ,whenever the rule which comes first in the rule set
matches all the packets and the second rule which is positioned after the first rule in rule set does not get chance to match
any packet because the previous rule has matched all the packets.
Correlation anomaly: Two rules are said to have correlation anomaly if both of the rules matches some common packets
that is the rule one matches some packets, which are also matched by the rule second.
Generalization anomaly: Two rules which are in order one of them is said to be in the generalization of another if the first
rules matches all the packets which can be also matched by the second rule but the action performed is different in both the
rules.
Redundancy anomaly: Two rules are said to be redundant if both of the rules matches some packets and the action
performed is also the same. So there is no effect on the firewall policy if one of the redundant rules will be removed from the
rule set.
Irrelevance anomaly: Any rule is said to be irrelevant if for a given time interval it does not matches any of the network
packets either incoming or outgoing. Thus if any type of the packets do not match the rule then it is irrelevant i.e. there is no
need to put that rule in the rule set.
IV.
ANOMALY MANAGEMENT FRAMEWORK
In our proposed policy anomaly management framework is composed of two core functionalities: conflict detection
and resolution, and redundancy discovery and removal, as depicted in Figure 1. Both of the functionalities are based on the
rule-based segmentation technique. For conflict detection and resolution, conflicting segments are identified only in the first
step. Each conflicting segment associates with the policy conflict and a set of conflicting rules. Also, the correlation
relationships among the conflicting segments are identified and conflict correlation groups (CG) are derived. Policy conflicts
belonging to different conflict correlation groups can be resolved separately; thus, the searching space for resolving the
conflicts is reduced by the correlation process. The second step generates an action constraint for each of the conflicting
segment by examining the characteristics of each conflicting segment. A strategy-based method is introduced for generating
the action constraints. The third step utilizes a reordering algorithm, which is a combination of the permutation algorithm
and a greedy algorithm, to discover a near-optimal conflict resolution solution for policy conflicts. Regarding redundancy
discovery and removal, the segment correlation groups are first identified. Then, the process of the property assignment is
performed to each rule’s subspaces.
www.ijmer.com
2917 | Page
3. www.ijmer.com
International Journal of Modern Engineering Research (IJMER)
Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2916-2919
ISSN: 2249-6645
Figure 1: Policy anomaly management framework
A. Conflict Resolution
Our conflict resolution mechanism introduces that an action constraint is assigned to each of the conflicting
segment. An action constraint for the conflicting segment defines a desired action (either Allow or Deny) that the firewall
policy should take when any packet within the conflicting segment comes to the firewall. Then, to resolve the conflict, we
only assure that the action taken for each packet within the conflicting segment can satisfy the corresponding action
constraint. To generate action constraints for conflicting segments, we propose a strategy-based conflict resolution method,
which generates the action constraints with the help of effective resolution strategies based on the minimal interaction with
system administrators. Figure 2 shows the main processes of this method, which incorporates both automated and manual
strategy selections. Once conflicts in the firewall policy are discovered and conflict correlation groups are identified, the risk
assessment for conflicts is performed.
Figure 2: Strategy-based conflict resolution
B. Implementation of FAME
FAME was implemented in Java language. Based on our policy anomaly management framework, it consists of 6
components: segmentation module, correlation module, risk assessment module, action constraint generation module, rule
reordering module, and property assignment module. The segmentation module takes the firewall policies as an input and
identifies the packet space segments by partitioning the packet space into disjoint subspaces. Our framework is realized as a
proof-of-concept prototype called as Firewall Anomaly Management Environment. Figure 3 shows a high-level architecture
of FAME with two levels. The upper level is the visualization layer, which visualizes the results of the policy anomaly
analysis to system administrators. Two visualization interfaces, policy conflict viewer and the policy redundancy viewer, are
designed to manage policy conflicts and redundancies, respectively. The lower level of the architecture provides underlying
www.ijmer.com
2918 | Page
4. International Journal of Modern Engineering Research (IJMER)
www.ijmer.com
Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2916-2919
ISSN: 2249-6645
functionalities addressed in our proposed policy anomaly management framework and relevant resources including rule
information, strategy repository, network asset information, and vulnerability information.
Figure 3: Architecture of FAME
V.
CONCLUSION
A firewall is a system acting as an interface of a network to one or more external networks, for example, Internet. It
implements the security policies of the network by deciding which packets to let through based on rules defined by the
network administrator. Any error in defining the rules may compromise the system security by letting unwanted network
traffic pass or blocking desired traffic. Manual definition of the rules often results in a set that contains conflicting,
redundant or overshadowed rules, resulting in anomalies in the policy. Manually detecting and resolving these anomalies is a
critical task but tedious and error prone task. Existing research on this problem have been focused on the analysis and
detection of the anomalies in the firewall policy. A rule-based segmentation mechanism and a grid-based representation
technique were introduced to achieve the goal of effective and efficient firewall anomaly analysis. In addition, it is
demonstrated that our proposed work is practical and helpful for system administrators to enable an assurable network
management.
REFERENCES
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
E. Al-Shar and H. Hemed. “Firewall Policy Advisor for Anomaly Detection and Rule Editing.” Proc.of IEEE/IFIP Integrated
Management Conference (IM’2003), March 2003.
E. Al-Shaer and H. Hamed, “Discovery of Policy Anomalies inDistributed Firewalls,” IEEE INFOCOM ’04, vol. 4, pp. 26052616,2004.
L. Yuan, H. Chen, J. Mai, C. Chuah, Z. Su, P. Mohapatra, and C.Davis, “Fireman: A Toolkit for Firewall Modeling and
Analysis,”Proc. IEEE Symp. Security and Privacy, p. 15, 2006.
J. Alfaro, N. Boulahia-Cuppens, and F. Cuppens, “CompleteAnalysis of Configuration Rules to Guarantee Reliable
NetworkSecurity Policies,” Int’l J. Information Security, vol. 7, no. 2, pp. 103122,2008.
F. Baboescu and G. Varghese, “Fast and Scalable ConflictDetection for Packet Classifiers,” Computer Networks, vol. 42,no. 6, pp.
717- 735, 2003.
Bartal, Y., Mayer, A., Nissim, K., and Wool, A. Firmato: A novel firewall management toolkit. In IEEE Symposiumon Security
and Privacy, pp. 17–31, Oakland, California, May, 1999.
Reed, D. IP Filter. [Online]. Available from:http://www.ja.net/CERT/Software/ipfilter/ip-filter.html
Hassan, A. and Hudec, L. Role Based Network Security Model: A Forward Step towards Firewall Management.In Workshop On
Security of Information Technologies, Algiers, December, 2003.
www.ijmer.com
2919 | Page