MIRAGE

Home

      

Resources

      

More Information

MIRAGE is an audit tool for the analysis of network security policies deployed over network security components, such as firewalls and intrusion detection systems. It implements an analysis of components' configurations to detect anomalies on their deployment.

Source Code & Publications

  1.     Public git mirrored repositories
     
  2. M. Belhaouane, J. Garcia-Alfaro, H. Debar. "Evaluating the Comprehensive Complexity of Authorization-based Access Control Policies Using Quantitative Metrics". 12th International Conference on Security and Cryptography (SECRYPT 2015), pp 53-64, Colmar, France, 20-22 July 2015.  
    Full Ref. Paper
  3. M. Belhaouane, J. Garcia-Alfaro, H. Debar. "On the Isofunctionality of Network Access Control Lists". 10th International Conference on Availability, Reliability and Security (ARES 2015), Toulouse, France, 24-28 August 2015.  
    Full Ref. Paper
  4. S. Martinez, J. Garcia-Alfaro, F. Cuppens, N. Cuppens-Boulahia and J. Cabot. "Model-driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems". 30th IFIP TC-11 International Conference on ICT Systems on Security and Privacy Protection (IFIP SEC 2015), Hamburg, Germany, May 26-28, 2015.  
    Paper Ref. Paper
  5. J. Garcia-Alfaro, F. Cuppens, N. Cuppens-Boulahia, S. Martinez, J. Cabot. "Management of stateful firewall misconfiguration". Computers & Security, 39(A):64-85, November 2013.
    Paper Ref. Paper
  6. S. Wazan, G. Blanc, H. Debar, J. Garcia-Alfaro. "Attribute-based Mining Process for the Organization-Based Access Control Model". 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2013), Melbourne, Australia, July, 2013.
    Paper
  7. S. Martinez, J. Garcia-Alfaro, F. Cuppens, N. Cuppens-Boulahia, J. Cabot. "Model-driven Extraction and Analysis of Network Security Policies".16th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (MODELS 2013), Miami, Florida, pp. 52-68, September 2013.
    Paper Ref. Paper
  8. S. Martinez, J. Garcia-Alfaro, F. Cuppens, N. Cuppens-Boulahia, J. Cabot. "Towards an Access-Control Metamodel for Web Content Management Systems". 9th Model-Driven Web Engineering Workshop (MDWE 2013), 13th International Conference on Web Engineering, Aalborg, North Denmark, July 2013.
    Paper
  9. S. Hachana, F. Cuppens, N. Cuppens-Boulahia, J. Garcia-Alfaro. "Semantic Analysis of Role Mining Results and Shadowed Roles Detection". Information Security Technical Report, 17(4):131-147, May 2013.
    Paper Ref. Paper
  10. S. Martinez, J. Garcia-Alfaro, F. Cuppens, N. Cuppens-Boulahia, J. Cabot. "A model-driven approach for the extraction of network access-control policies". Model-Driven Security Workshop (MDsec'12), ACM/IEEE 15th International Conference on Model Driven Engineering Languages & Systems (MODELS 2012). Innsbruck, Austria, October, 2012.
    Paper ref. Paper
  11. S. Hachana, F. Cuppens, N. Cuppens-Boulahia, J. Garcia-Alfaro. "Towards Automated Assistance for Mined Roles Analysis in Role Mining Applications". 7th International Conference on Availability, Reliability and Security (ARES'2012), Czech Republic, August 2012.
    Paper
  12. F. Cuppens, N. Cuppens-Boulahia, J. Garcia-Alfaro, T. Moataz, X. Rimasson. "Handling Stateful Firewall Anomalies". 27th IFIP TC-11 International Information Security Conference (IFIPsec 2012), IFIP, Springer, Crete, Greece, June 2012.
    Paper
  13. N. Cuppens-Boulahia, F. Cuppens, J. Garcia-Alfaro. "Administration des Architectures de Securite Reseau". Multi-Systems & Internet Security Cookbook, 57:73-82, September 2011.
    Paper Ref.
  14. F. Cuppens, N. Cuppens-Boulahia, J. Garcia-Alfaro, T. Moataz, S. Morucci, X. Rimasson. "Detection des anomalies dans les pare-feux de nouvelles generations". 7th Conference on Network and Information Systems Security, Cabourg, France, May 2012.
    Paper
  15. S. Preda, F. Cuppens, N. Cuppens, J. Garcia-Alfaro, L. Toutain. "Dynamic deployment of context-aware access control policies for constrained security devices". Journal of Systems and Software, 84(7):1144-1159, July 2011.
    Full Paper Journal Ref. Paper Ref.
  16. J. Garcia-Alfaro, F. Cuppens, N. Cuppens, S. Preda. "MIRAGE: A Management Tool for the Analysis and Deployment of Network Security Policies". 3rd SETOP International Workshop on Autonomous and Spontaneous Security (Co-located with ESORICS 2010), pp. 203-215, Springer, LNCS 6514, Athens, Greece, September 2010.
    Full Paper Paper Ref.
  17. S. Preda, N. Cuppens, F. Cuppens, J. Garcia-Alfaro, L. Toutain. "Model-driven Security Policy Deployment: Property Oriented Approach", International Symposium on Engineering Secure Software and Systems (ESSoS10), LNCS 5965, pp. 123-139, Springer, February 2010.  
    Full PaperFull Ref.
  18. S. Preda, F. Cuppens, N. Cuppens, J. Garcia-Alfaro, L. Toutain, and Y. Elrakaiby. "Semantic Context Aware Security Policy Deployment". ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009), pp. 251-261, ACM, Sydney, Australia, March 2009.
    Full Paper
  19. J. Garcia-Alfaro, N. Cuppens, and F. Cuppens. "Complete Analysis of Configuration Rules to Guarantee Reliable Network Security Policies". International Journal of Information Security, Springer, 7(2):103-122, April 2008.
    Full Paper Full Ref.
  20. S. Preda, N. Cuppens, F. Cuppens, J. Garcia-Alfaro, and L. Toutain. "Reliable Process for Security Policy Deployment". In Proceedings of the International Conference on Security and Cryptography (Secrypt 2007), Barcelona, Spain, July 2007.
    Full Paper
  21. J. Garcia-Alfaro, F. Cuppens, and N. Cuppens. "Management of Exceptions on Access Control Policies". In Proceedings of the 22nd IFIP TC-11 International Information Security Conference (IFIPsec2007), IFIP, Springer, Kluwer Academic, 97-108, Sandton, South Africa, May 2007.  
    Full PaperFull Ref.
  22. J. Garcia-Alfaro, F. Cuppens, and N. Cuppens. "Aggregating and Deploying Network Access Control Policies". In Proceedings of the 1rst Symposium on Frontiers in Availability, Reliability and Security (FARES), 2nd International Conference on Availability, Reliability and Security (ARES 2007), IEEE Computer Society, 532-539, Vienna, Austria, April 2007.
    Full Paper
  23. J. Garcia-Alfaro, F. Cuppens, and N. Cuppens. "Analysis of Policy Anomalies on Distributed Network Security Setups". Lecture Notes in Computer Science, 4189 (September 2006), 496-511, European Symposium On Research In Computer Security (Esorics 2006), Hamburg, Germany.
    Full Paper
  24. J. Garcia-Alfaro, F. Cuppens, and N. Cuppens. "Towards Filtering and Alerting Rule Rewriting on Single-Component Policies". Lecture Notes in Computer Science, 4166 (September 2006), 182-194, Conference on Computer Safety, Reliability, and Security (Safecomp 2006), Gdansk, Poland.
    Full Paper
  25. J. Garcia-Alfaro, F. Cuppens, and N. Cuppens. "Analisis de anomalias sobre politicas de control de acceso en red". In IX Reunion Española sobre Criptologia y Seguridad de la Informacion , 584-599, Barcelona, Spain, September 2006.
    Full Paper
  26. F. Cuppens, N. Cuppens, and J. Garcia-Alfaro. "Detection of Network Security Component Misconfiguration by Rewriting and Correlation". In 5th Conference on Security and Network Architectures (SAR-SSI2006), Seignose - Landes, France, June 2006.
    Full Paper
  27. F. Cuppens, N. Cuppens, and J. Garcia-Alfaro. "Detection and Removal of Firewall Misconfiguration". In Proceedings of the 2005 IASTED International Conference on Communication, Network and Information Security (CNIS 2005). IASTED, Phoenix, AZ, USA, 154-161, November, 2005. ISBN: 0-88986-537-X.
    Full Paper
  28. F. Cuppens, N. Cuppens, and J. Garcia-Alfaro. "Misconfiguration Management of Network Security Components". In Proceedings of the 7th International Symposium on System and Information Security (SSI 2005), Sao Paulo, Brazil, 1-10, November, 2005. ISBN: 85-87978-10-1.
    Full Paper