Security rules management in firewall and security gateway is a hard and error prone task as administrators must correctly implement and update a large amount of policies especially when rapid changing occurs due to new security needs. The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network traffic. There is a vast amount of literature on security policy conflict detection and resolution and on device rule set shaping to improve policy implementation performance. Our work defines an algorithm to find conflict free optimized device rule sets in real time, by relying on information gathered from traffic analysis. We show results obtained from our test environment confirming that operational costs of devices could be improved based on traffic analysis via log files of the security device. We demonstrate computational power savings up to 24% with fully conflict free device policies. ©2008 IEEE.

Adaptive optimization of packet filtering devices performance ensuring a conflict-free network configuration / Gianluca, Maiolini; Lorenzo, Cignini; Baiocchi, Andrea. - (2008), pp. 1-6. (Intervento presentato al convegno 2008 IEEE INFOCOM Workshops tenutosi a Phoenix; United States nel 13 April 2008 through 18 April 2008) [10.1109/infocom.2008.4544614].

Adaptive optimization of packet filtering devices performance ensuring a conflict-free network configuration

BAIOCCHI, Andrea
2008

Abstract

Security rules management in firewall and security gateway is a hard and error prone task as administrators must correctly implement and update a large amount of policies especially when rapid changing occurs due to new security needs. The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network traffic. There is a vast amount of literature on security policy conflict detection and resolution and on device rule set shaping to improve policy implementation performance. Our work defines an algorithm to find conflict free optimized device rule sets in real time, by relying on information gathered from traffic analysis. We show results obtained from our test environment confirming that operational costs of devices could be improved based on traffic analysis via log files of the security device. We demonstrate computational power savings up to 24% with fully conflict free device policies. ©2008 IEEE.
2008
2008 IEEE INFOCOM Workshops
data mining; firewall; network management; optimization; security policy
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Adaptive optimization of packet filtering devices performance ensuring a conflict-free network configuration / Gianluca, Maiolini; Lorenzo, Cignini; Baiocchi, Andrea. - (2008), pp. 1-6. (Intervento presentato al convegno 2008 IEEE INFOCOM Workshops tenutosi a Phoenix; United States nel 13 April 2008 through 18 April 2008) [10.1109/infocom.2008.4544614].
File allegati a questo prodotto
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/368200
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact