A novel mechanism for anomaly removal of firewall filtering rules

Chi Shih Chao, Stephen J.H. Yang

Research output: Contribution to journalArticlepeer-review

6 Scopus citations

Abstract

Firewalls are always treated as the core devices for network security to protect networks from being attacked. Still, properly configuring firewall rules is no easy task due to its laboring and time-consuming characteristic. In some cases, firewall rules need to be added, deleted, modified, or order-changed from time to time to fit in the dynamic of network traffic. As a result, firewalls are subject to rule anomalies caused by misconfigurations such that network security holes can be created accordingly, and then damage the managed networks and even worse the firewalls themselves. In this paper, an enhanced firewall rule management approach is proposed where it can not only pinpoint the anomalies among firewall rules effectively and efficiently, but also provide a novel mechanism for correct and speedy removal of rule anomalies. As a demonstration, a visualized firewall rule anomaly removal system has been realized and performance evaluations on anomaly removal have been also conducted, in which our developed mechanism shows its excellence and feasibility.

Original languageEnglish
Pages (from-to)949-957
Number of pages9
JournalJournal of Internet Technology
Volume21
Issue number4
DOIs
StatePublished - 2020

Keywords

  • DDoS on firewalls
  • Firewall rule anomaly diagnosis
  • Rule anomaly removal
  • System feasibility

Fingerprint

Dive into the research topics of 'A novel mechanism for anomaly removal of firewall filtering rules'. Together they form a unique fingerprint.

Cite this