The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network traffic. Our work defines an algorithm to find conflict free optimized device rule sets in real time, by relying on information gathered from traffic analysis. We show results obtained from our test environment demonstrating for computational power savings up to 24% with fully conflict free device policies
Automated framework for policy optimization in firewalls and security gateways / G., Maiolini; A., Nicotra; P., Tornari; Baiocchi, Andrea. - In: JOURNAL OF INFORMATION ASSURANCE AND SECURITY. - ISSN 1554-1010. - 4:(2009), pp. 301-310.
Automated framework for policy optimization in firewalls and security gateways
BAIOCCHI, Andrea
2009
Abstract
The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network traffic. Our work defines an algorithm to find conflict free optimized device rule sets in real time, by relying on information gathered from traffic analysis. We show results obtained from our test environment demonstrating for computational power savings up to 24% with fully conflict free device policiesFile | Dimensione | Formato | |
---|---|---|---|
JIAS_2009issue4_ACO.pdf
solo gestori archivio
Tipologia:
Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
204.9 kB
Formato
Adobe PDF
|
204.9 kB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.