Abstract
The importance given to firewalls as a security mechanism for protecting sensitive and private infrastructures has been well justified in literature. Nowadays, we consider firewalls as one of the most important security mechanisms that is widely deployed and highly approved. The main goal of this fundamental security component is to provide a filtering service by blocking or providing access to specific areas and segments of a network based on a set of filtering rules defined with regards to the global security policy. Hence, the effectiveness of the protection provided by a firewall is governed by the efficiency of the filtering policy deployed in that firewall. To enhance the quality of the filtering service provided by firewalls, we propose a novel filtering technique that integrates a risk assessment approach to evaluate the risk associated to firewalls rules. Our goal is to strengthen the filtering service with pertinent information relative to rules risk values that allows (i) changing the actions associated to critical rules in specific/critical contexts or (ii) dynamically injecting new rules in the firewall that refine other rules (by giving precision or reducing domains) to reduce the risk or (iii) changing the behavior of the firewall by changing its configuration (the set of rules) to avoid malicious scenarios.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Kumar, D., Gupta, M.: Implementation of firewall & intrusion detection system using pfSense to enhance network security. Int. J. Electr. Electron. Comput. Sci. Eng. 5(ICSCAAIT–2018), 131–137 (2018)
Diekmann, C., Hupel, L., Michaelis, J., et al.: Verified iptables firewall analysis and verification. J. Autom. Reason. (2018). https://doi.org/10.1007/s10817-017-9445-1
Hu, H., Ahn, G.J., Kulkarni, K.: Detecting and resolving firewall policy anomalies. IEEE Trans. Dependable Secur. Comput. 9(3), 318–331 (2012)
Saâdaoui, A., Souayeh, N.B.Y.B., Bouhoula, A.: FARE: FDD-based firewall anomalies resolution tool. J. Comput. Sci. 23, 181–191 (2017)
Abbes, T., Bouhoula, A., Rusinowitch, M.: Detection of firewall configuration errors with updatable tree. Int. J. Inf. Secur. 15(3), 301–317 (2016)
Halle, S., Ngoupe, E.L., Villemaire, R., Cherkaoui, O.: Distributed firewall anomaly detection through LTL model checking. In: 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), pp. 194-201 (2013)
Cuppens, F., Cuppens-Boulahia, N., Garcia-Alfaro, J.: Detection and removal of firewall misconfiguration. In: Proceedings of the 2005 IASTED International Conference on Communication, Network and Information Security, vol. 1, pp. 154-162 (2005)
Hu, H., Ahn, G.J., Kulkarni, K.: Fame: a firewall anomaly management environment. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp. 17-26 (2010)
Mayer, A., Wool, A., Ziskind, E.: Offline firewall analysis. Int. J. Inf. Secur. 5(3), 125–144 (2006). https://doi.org/10.1007/s10207-005-0074-z
Yuan, L., Chen, H., Mai, J., Chuah, C.N., Su, Z., Mohapatra, P.: FIREMAN: a toolkit for firewall modeling and analysis. In: IEEE Symposium on Security and Privacy, pp. 199–213 (2006)
Bodei, C., Degano, P., Focardi, R., Galletta, L., Tempesta, M., Veronese, L.: Firewall management with firewall synthesizer. In: CEUR Workshop Proceedings, vol. 2058, no. 16 (2018)
Phillips, I.: Assessing risk associated with firewall rules. U.S. Patent Application No 15/215,792 (2018)
Jaidi, F., Ayachi, F.L.: A risk awareness approach for monitoring the compliance of RBAC-based policies. In: Proceedings of the 12th International Conference on Security and Cryptography, (SECRYPT 2015), pp. 454–459 (2015)
Haslum, K., Abraham, A., Knapskog, S.: Fuzzy online risk assessment for distributed intrusion prediction and prevention systems. In: Proceedings of the Tenth International Conference on Computer Modeling and Simulation, pp. 216–223 (2008)
Ralstona, P.A.S., Grahamb, J.H., Hiebb, J.L.: Cyber security risk assessment for SCADA and DCS networks. ISA Trans. 46, 583–594 (2007)
Jaidi, F., Ayachi, F.L., Bouhoula, A.: A methodology and toolkit for deploying reliable security policies in critical infrastructures. Secur. Commun. Netw. 2018, 22 (2018)
Scarfone, K.J., Hoffman, P.: Guidelines on firewalls and firewall policy. In: National Institute of Standards and Technology, NIST Special Publication 800-41, Revision 1 (2009)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Jaïdi, F. (2020). A Novel Concept of Firewall-Filtering Service Based on Rules Trust-Risk Assessment. In: Madureira, A., Abraham, A., Gandhi, N., Silva, C., Antunes, M. (eds) Proceedings of the Tenth International Conference on Soft Computing and Pattern Recognition (SoCPaR 2018). SoCPaR 2018. Advances in Intelligent Systems and Computing, vol 942. Springer, Cham. https://doi.org/10.1007/978-3-030-17065-3_30
Download citation
DOI: https://doi.org/10.1007/978-3-030-17065-3_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-17064-6
Online ISBN: 978-3-030-17065-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)