TY - JOUR
T1 - A novel mechanism for anomaly removal of firewall filtering rules
AU - Chao, Chi Shih
AU - Yang, Stephen J.H.
N1 - Publisher Copyright:
© 2020 Taiwan Academic Network Management Committee. All rights reserved.
PY - 2020
Y1 - 2020
N2 - Firewalls are always treated as the core devices for network security to protect networks from being attacked. Still, properly configuring firewall rules is no easy task due to its laboring and time-consuming characteristic. In some cases, firewall rules need to be added, deleted, modified, or order-changed from time to time to fit in the dynamic of network traffic. As a result, firewalls are subject to rule anomalies caused by misconfigurations such that network security holes can be created accordingly, and then damage the managed networks and even worse the firewalls themselves. In this paper, an enhanced firewall rule management approach is proposed where it can not only pinpoint the anomalies among firewall rules effectively and efficiently, but also provide a novel mechanism for correct and speedy removal of rule anomalies. As a demonstration, a visualized firewall rule anomaly removal system has been realized and performance evaluations on anomaly removal have been also conducted, in which our developed mechanism shows its excellence and feasibility.
AB - Firewalls are always treated as the core devices for network security to protect networks from being attacked. Still, properly configuring firewall rules is no easy task due to its laboring and time-consuming characteristic. In some cases, firewall rules need to be added, deleted, modified, or order-changed from time to time to fit in the dynamic of network traffic. As a result, firewalls are subject to rule anomalies caused by misconfigurations such that network security holes can be created accordingly, and then damage the managed networks and even worse the firewalls themselves. In this paper, an enhanced firewall rule management approach is proposed where it can not only pinpoint the anomalies among firewall rules effectively and efficiently, but also provide a novel mechanism for correct and speedy removal of rule anomalies. As a demonstration, a visualized firewall rule anomaly removal system has been realized and performance evaluations on anomaly removal have been also conducted, in which our developed mechanism shows its excellence and feasibility.
KW - DDoS on firewalls
KW - Firewall rule anomaly diagnosis
KW - Rule anomaly removal
KW - System feasibility
UR - http://www.scopus.com/inward/record.url?scp=85091344511&partnerID=8YFLogxK
U2 - 10.3966/160792642020072104005
DO - 10.3966/160792642020072104005
M3 - 期刊論文
AN - SCOPUS:85091344511
SN - 1607-9264
VL - 21
SP - 949
EP - 957
JO - Journal of Internet Technology
JF - Journal of Internet Technology
IS - 4
ER -