Modeling Firewalls for Behavior Analysis

This work presents a software behavioral model of the capabilities found in firewall type devices and a process for taking vendor specific nuances to a common implementation. This includes understanding interfaces, routes, rules, translation, and policies; modeling them in a common manner such that different models may be compared to each other for functional similarity. This work makes use of recent efforts to model firewall policies in a concise efficient data structure referred to as a Firewall Policy Diagram (FPD). The structure facilitates the canonical representation of a policy as well as human comprehension of the policy. Its use with behavior modeling is to capture and compare the results of a potentially large solution space.