17-03-2014, 09:24 PM
Abstract— A genetic algorithm based policy management
system judges the validity of network events according to the
rules defined in the rule base. These rules are either IP addresses
or a combination of an IP address and some other parameters, such as
port numbers. This paper discusses the design and benefits of a
rule base which is based on Finite State Machines (FSMs). Whenever
a new network event arrives, the process of judging the event
should take as little time as possible. This can be achieved by
making the rule base efficient in terms of searching for rules. One
way of doing so is to use FSMs. For a table having 2^32
(approx) entries, the searching time for an FSM based system is
calculated mathematically to be 2^10 (approx), and the time
complexity for the same number of entries for a linear searching
system will be 2^32 (approx). In this paper a brief overview of
Finite State Machines is presented. The proposed design of the Rule
Base is discussed in detail with its advantages.
Keywords- Finite state machine, genetic feedback
algorithm based network security policy framework, rule
base.
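The lookup idea from the abstract, as an added example that is not taken from the paper: it assumes the FSM consumes an IPv4 address one octet per transition (the paper's actual state layout is not shown on this page), so a lookup takes at most 4 transitions, or 4 × 256 = 2^10 octet comparisons if each state's transitions were scanned one by one. `FsmRuleBase`, `linear_match` and the sample rules are hypothetical names and constructed data.

```python
import ipaddress

ACCEPT = "accept"  # marker key for an accepting state; octet keys are ints 0..255

class FsmRuleBase:
    """Rule base as an FSM: each state is a dict {octet value: next state}."""

    def __init__(self):
        self.start = {}

    def add_rule(self, ip, port=None):
        """Add an IP rule; port=None means the rule is the IP address alone."""
        state = self.start
        for octet in ipaddress.IPv4Address(ip).packed:
            state = state.setdefault(octet, {})
        state.setdefault(ACCEPT, set()).add(port)

    def match(self, ip, port):
        """Return (matched, transitions taken) for one network event."""
        state, steps = self.start, 0
        for octet in ipaddress.IPv4Address(ip).packed:
            steps += 1
            state = state.get(octet)
            if state is None:          # no transition: event matches no rule
                return False, steps
        ports = state.get(ACCEPT, set())
        return (None in ports or port in ports), steps

def linear_match(rules, ip, port):
    """Baseline: scan the rule list until a rule matches; count comparisons."""
    for count, (rule_ip, rule_port) in enumerate(rules, start=1):
        if rule_ip == ip and rule_port in (None, port):
            return True, count
    return False, len(rules)

# Constructed sample rule base: 1024 IP-only rules plus one IP+port rule.
RULES = [(f"10.0.{a}.{b}", None) for a in range(4) for b in range(256)]
RULES.append(("192.0.2.10", 443))

FSM = FsmRuleBase()
for rule_ip, rule_port in RULES:
    FSM.add_rule(rule_ip, rule_port)

if __name__ == "__main__":
    for event in [("192.0.2.10", 443), ("192.0.2.10", 80), ("203.0.113.5", 22)]:
        print(event, "fsm:", FSM.match(*event), "linear:", linear_match(RULES, *event))
```

The FSM cost depends on the address length, not on the number of rules, while the linear scan grows with the rule count; an event with no matching rule is rejected at the first missing transition.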
I. INTRODUCTION
At present, policy based network management systems
are one of the most popular research areas in computer
science, as they provide good scalability and flexibility for
the management of large scale networks, especially
concentrating on the security of the network.
A policy based system generally works in three steps:
first, security policies are created depending on the
security goals; secondly, these newly created policies are
assigned to a certain position; finally, these policies are
enforced by security entities [2].
But in a complex network environment, new events
are generated unpredictably on demand. Besides these new
events there are many events reporting system faults,
status and performance information. In such a vast
network event environment, the administrator creates
policies based on his observation, but there might be
some security events which the administrator fails to
recognize; how will the system handle such a
situation? A traditional policy-based management system,
in which policy authoring relies on static authoring of “if
[condition] then [action]” rules, becomes incapable.
Utility functions [4], goal policies [4,1], and data mining
and reinforcement learning [5] have emerged as new
approaches. However, these approaches fail to respond in
a systematic manner to new and ambiguous situations.
One of the solutions to these problems can be a genetic
algorithm based policy framework [2]. This policy
system based on a genetic algorithm has the four basic
components described in the IETF policy framework:
Policy Repository, policy management tool, policy
decision point, and policy enforcement point [6]. Apart
from these components it has the following component [2]:
Data set – Data set is used for the fitness evaluation
during the execution of genetic algorithm.