Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Packet Filter Firewall Rule Anomalies and Mitigation Techniques:A Technical Review


Affiliations
1 MVGR College of Engineering, Vizianagaram, AP, India
2 Andhra University College of Engineering, Visakhapatnam, AP, India
3 University College of Engineering, JNTU Kakinada, Kakinada, AP, India
     

   Subscribe/Renew Journal


Protection cannot be given to an organization’s network perimeter without a firewall. A firewall is a tool to implement the security policy of the management, and filter incoming or outgoing network traffic accordingly. One of the major issues with packet filter firewall is rule anomalies. Due to human mistakes the rule configuration may be erroneous that leads to unintended behavior of the firewall. These anomalies may result in non-availability of network resources to legitimate users or may also pose a threat by increasing the attack surface. Therefore detection and mitigation of packet filter firewall rule anomalies is an important topic of research. This paper tries to stimulate the research aptitude in this direction by describing the types of anomalies along with surveying the literature for detection and mitigation techniques. This work highlights the advantage of Ant Colony Optimization in removing firewall rule misconfigurations. This paper also highlights the performance measuring parameters that are used to evaluate and assess the firewall.

Keywords

Firewall, Rule Anomalies, Detection, Mitigation, Shadow, Generalization, Correlation, Redundancy, Ant Colony Optimization.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 182

PDF Views: 4




  • Packet Filter Firewall Rule Anomalies and Mitigation Techniques:A Technical Review

Abstract Views: 182  |  PDF Views: 4

Authors

P. Ravi Kiran Varma
MVGR College of Engineering, Vizianagaram, AP, India
V. Valli Kumari
Andhra University College of Engineering, Visakhapatnam, AP, India
S. Srinivas Kumar
University College of Engineering, JNTU Kakinada, Kakinada, AP, India

Abstract


Protection cannot be given to an organization’s network perimeter without a firewall. A firewall is a tool to implement the security policy of the management, and filter incoming or outgoing network traffic accordingly. One of the major issues with packet filter firewall is rule anomalies. Due to human mistakes the rule configuration may be erroneous that leads to unintended behavior of the firewall. These anomalies may result in non-availability of network resources to legitimate users or may also pose a threat by increasing the attack surface. Therefore detection and mitigation of packet filter firewall rule anomalies is an important topic of research. This paper tries to stimulate the research aptitude in this direction by describing the types of anomalies along with surveying the literature for detection and mitigation techniques. This work highlights the advantage of Ant Colony Optimization in removing firewall rule misconfigurations. This paper also highlights the performance measuring parameters that are used to evaluate and assess the firewall.

Keywords


Firewall, Rule Anomalies, Detection, Mitigation, Shadow, Generalization, Correlation, Redundancy, Ant Colony Optimization.