Towards a new design of firewall: Anomaly elimination and fast verifying of firewall rules

Khummanee, Suchart; Khumseela, Atipong; Puangpronpitag, Somnuk

doi:10.1109/jcsse.2013.6567326

Cited by 16 publications

(14 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A firewall system operation is based on first-match criterion to determine which rule should be applied to which packet. The filtering ruleset is sequential and divided into two parts, namely predicate and decision and is of the form [11], [10].…”

Section: A Experiments 1: Unauthorized Access Prevention By the Firewallmentioning

confidence: 99%

“…A firewall F executes two steps when an incoming packet p reaches it. In the first step, it identifies the first rule r in the sequential ruleset whose <predicate> allots the value true to packet p due to the matches in the fields while in the second step, if the <decision> of rule r is to accept or to discard packet p, then, the firewall accepts or discards the packet as the case may be [11], [10].…”

Section: A Experiments 1: Unauthorized Access Prevention By the Firewallmentioning

confidence: 99%

“…Likewise, [10] proposes a method for designing modular firewalls with small inversion metrics for design understanding. Furthermore, a firewall rule management policy without conflict and an algorithm to fast-check the firewall rules is demonstrated in [11]. This paper focusses on securing campus network with firewalls and proposes an effective multi-layer firewall system for augmenting the functionalities of other network security technologies.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Effective Multi-Layer Security for Campus Network

Alimi

2015

JCTECS

View full text Add to dashboard Cite

Abstract-The development in different communication systems as well as multimedia applications and services leads to high rate of Internet usage. However, transmission of information over such networks can be compromised and security breaches such as virus, denial of service, unauthorized access, and theft of proprietary information which may have devastating impact on the system may occur if adequate security measures are not employed. Consequently, building viable, effective, and safe network is one of the main technical challenges of information transmission in campus networks. Furthermore, it has been observed that, network threats and attacks exist from the lower layers of network traffic to the application layer; therefore, this paper proposes an effective multi-layer firewall system for augmenting the functionalities of other network security technologies due to the fact that, irrespective of the type of access control being employed, attacks are still bound to occur. The effectiveness of the proposed network architecture is demonstrated using Cisco Packet Tracer. The simulation results show that, implementation of the proposed topology is viable and offers reasonable degree of security at different network layers.

show abstract

Section: A Experiments 1: Unauthorized Access Prevention By the Firewallmentioning

confidence: 99%

Section: A Experiments 1: Unauthorized Access Prevention By the Firewallmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Effective Multi-Layer Security for Campus Network

Alimi

2015

JCTECS

View full text Add to dashboard Cite

show abstract

“…It is observed that packets are checked against the rules serially which consumes most of the working time of firewall. Solution for this problem is to arrange rules in Binary Tree Firewall (BTF) [12]. In BTF rules are stored in binary tree which helps to reduce packet checking time.…”

Section: Related Workmentioning

confidence: 99%

Improving Performance of CrossDomain Firewalls in MultiFirewall System

Sonali¹

2015

IJRITCC

View full text Add to dashboard Cite

Abstract-Firewall is used to protect local network from outside untrusted public network or Internet. Every packet coming to and going out from network is inspected at Firewall. Local network policies are converted into rules and stored in firewall. It is used to restrict access of the external network into local network and vice versa. Packets are checked against the rules serially. Therefore increase in the number of rules decreases the firewall performance. The key thing in performance improvement is to reduce number of firewall rules. Optimization helps to reduce number of rules by removing anomalies and redundancies in the rule list. It is observed that only reducing number of rules is not sufficient as the major time is consumed in rule verification. Therefore to reduce time of rule checking fast verification method is used. Prior work focuses on either Intrafirewall optimization or Interfirewall optimization within single administrative domain. In cross-domain firewall optimization key thing is to keep rules secure from others as they contain confidential information which can be exploited by attackers. The proposed system implements cross-domain firewall rule optimization. For optimization multi-firewall environment is considered. Then optimized rule set is converted to Binary Tree Firewall (BTF) so as to reduce packet checking time and improve firewall performance further.

show abstract

“…In this paper, we will refer these policies as Access Control Lists (ACL's). As defined in [6], an ACL is of the form {Predicate}  {Decision} where {Predicate} is represented over certain predefined packet fields. Typically, Cisco IOS-based security devices [13,15] contain the fields ACL ID, sequence number, protocol, source IP address, source wild card mask, destination IP address, destination wild card mask, destination port range and additional options (refer table 1).…”

Section: Introductionmentioning

confidence: 99%

Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances

Hanamsagar¹,

Borate²,

Jane³

et al. 2015

IJCA

View full text Add to dashboard Cite

With the advent of emerging technologies like cloud computing, the security of confidential data is of prime importance. Firewalls are widely used as the most basic security device used to protect a network from unauthorized access and network intrusions. Network Administrators define some rules to filter incoming and outgoing packets which form the security policy of the firewall. The large size of firewall policies create complex interactions between policies of the same firewall as well as between multiple firewalls. In this paper, we extend the currently known classification for firewall policy anomalies. Further, we propose a tool which obtains these rules from security devices in real-time environment, detects the anomalies present in them according to the underlying network topology and propagates the consistent rules with the consent of administrator. Currently, the tool can only be used with Cisco security devices; however, it can be extended to incorporate the syntax of other vendor's devices as well.

show abstract

Towards a new design of firewall: Anomaly elimination and fast verifying of firewall rules

Cited by 16 publications

References 10 publications

Effective Multi-Layer Security for Campus Network

Effective Multi-Layer Security for Campus Network

Improving Performance of CrossDomain Firewalls in MultiFirewall System

Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances

Contact Info

Product

Resources

About