An Enhanced Firewall Scheme for Dynamic and Adaptive Containment of Emerging Security Threats

Given the growing volume of attacks and malicious activity, firewall technology is an essential milestone toward securing networks of any size and complexity. Unfortunately, the inherent difficulty of designing and managing firewall policies in modern highly distributed, dynamic and heterogeneous environments can greatly limit the effectiveness of firewall security, so it is desirable to automate the firewall configuration process as far as possible. Accordingly, this work presents a new, more active and scalable firewalling architecture based on dynamic and adaptive policy management facilities. It enables the automatic generation of new rules and policies, ensuring a timely response when unusual traffic activity is detected and allowing previously unknown (zero-day) attacks to be identified. The proposed scheme, structured in a multi-stage modular fashion, can easily be deployed in a distributed security environment and does not depend on any specific security solution or hardware/software package.
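The abstract describes the architecture only at a high level. The following is an added illustration, written by the editor and not taken from the paper, of what a three-stage "detect, generate policy, enforce" pipeline of this kind looks like in working code. Everything in it is an assumption for the sake of the example: the flow records are constructed, the detector is a simple "many distinct destination ports from one source within a short window" heuristic standing in for whatever anomaly detector a real deployment would use, the policy stage dedicates an allowlist and duplicate check as its conflict guard, and the enforcer renders time-limited entries for an nftables set that is assumed to already exist as `inet filter dynamic_block` created with `flags timeout`. The rules carry a TTL so that an automatically generated block expires on its own, which is the practical safeguard against a false positive turning into a permanent outage.

```python
"""Illustrative adaptive firewall pipeline (editor's example, not the paper's code).

Stage 1 (Detector) watches per-source traffic, stage 2 (PolicyGenerator)
turns detections into time-limited rules while refusing allowlisted sources
and duplicates, stage 3 (Enforcer) renders the rule for the packet filter.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, Iterable, List, Optional, Tuple

# Constructed sample flow records: (timestamp in seconds, src_ip, dst_port).
# 203.0.113.7 probes 12 ports in about a second (scan-like); 198.51.100.4 is
# ordinary web traffic; 10.0.0.9 also probes but is an allowlisted internal
# vulnerability scanner and must never be blocked automatically.
SAMPLE_FLOWS: List[Tuple[float, str, int]] = (
    [(100.0 + i * 0.1, "203.0.113.7", 1 + i) for i in range(12)]
    + [(100.5, "198.51.100.4", 443), (101.0, "198.51.100.4", 80),
       (102.0, "198.51.100.4", 443)]
    + [(103.0 + i * 0.1, "10.0.0.9", 1 + i) for i in range(12)]
)


@dataclass(frozen=True)
class Rule:
    src: str      # source address to act on
    action: str   # only "drop" is generated here
    ttl: int      # seconds until the packet filter expires the entry
    reason: str   # detector's justification, kept for audit


class Detector:
    """Stage 1: flag a source that touches >= threshold distinct destination
    ports within a sliding window of `window` seconds (assumed heuristic)."""

    def __init__(self, threshold: int = 10, window: float = 5.0) -> None:
        self.threshold = threshold
        self.window = window
        self.events: Dict[str, Deque[Tuple[float, int]]] = defaultdict(deque)

    def observe(self, ts: float, src: str, dst_port: int) -> Optional[str]:
        q = self.events[src]
        q.append((ts, dst_port))
        while q and ts - q[0][0] > self.window:   # drop events outside window
            q.popleft()
        distinct = {port for _, port in q}
        if len(distinct) >= self.threshold:
            return f"{len(distinct)} distinct ports in {self.window:g}s"
        return None


class PolicyGenerator:
    """Stage 2: convert a detection into a rule, unless the source is on the
    allowlist (conflict with static accept policy) or already blocked."""

    def __init__(self, allowlist: Iterable[str], ttl: int = 300) -> None:
        self.allowlist = set(allowlist)
        self.ttl = ttl
        self.active: Dict[str, Rule] = {}

    def propose(self, src: str, reason: str) -> Optional[Rule]:
        if src in self.allowlist or src in self.active:
            return None
        rule = Rule(src=src, action="drop", ttl=self.ttl, reason=reason)
        self.active[src] = rule
        return rule


class Enforcer:
    """Stage 3: render the rule as an nft command that adds a timed element to
    an assumed pre-existing set 'dynamic_block' (created with flags timeout)."""

    @staticmethod
    def render(rule: Rule) -> str:
        return (f"nft add element inet filter dynamic_block "
                f"{{ {rule.src} timeout {rule.ttl}s }}")


def run_pipeline(flows: Iterable[Tuple[float, str, int]], allowlist: Iterable[str],
                 threshold: int = 10, window: float = 5.0,
                 ttl: int = 300) -> Tuple[List[Rule], List[str]]:
    """Push every flow through the three stages; return rules and commands."""
    detector = Detector(threshold, window)
    policy = PolicyGenerator(allowlist, ttl)
    commands: List[str] = []
    for ts, src, port in flows:
        reason = detector.observe(ts, src, port)
        if reason is None:
            continue
        rule = policy.propose(src, reason)
        if rule is not None:
            commands.append(Enforcer.render(rule))
    return list(policy.active.values()), commands


if __name__ == "__main__":
    generated, cmds = run_pipeline(SAMPLE_FLOWS, allowlist={"10.0.0.9"})
    for rule, cmd in zip(generated, cmds):
        print(f"# {rule.src}: {rule.reason}\n{cmd}")
```

On the sample flows only 203.0.113.7 produces a rule; the allowlist keeps the internal scanner out even though it trips the same detector, and the duplicate check means the remaining scan packets from the flagged host generate no further commands. In a real deployment the enforcer would execute the command (or speak to the firewall's API) rather than return a string, and the detector stage would be replaced by the site's own anomaly or IDS signal.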
