research-article

A distributed firewall and active response architecture providing preemptive protection

Authors:

J. Lane Thames,

Randal Abler,

David KeelingAuthors Info & Claims

ACMSE '08: Proceedings of the 46th annual ACM Southeast Conference

Pages 220 - 225

https://doi.org/10.1145/1593105.1593162

Published: 28 March 2008 Publication History

Get Access

Abstract

Firewalls provide very good network security features. However, classical perimeter firewall deployments suffer from limitations due to complex network topologies and the inability to completely trust insiders of the network. Distributed firewalls are designed for alleviating these limitations. Intrusion detection is a mature technology and is very powerful when coupled with active response, which is the act of responding to intrusions without the need of human advisory. This paper describes an architecture that implements a distributed firewall with distributed active response. A fundamental result of the architecture is that it can provide proactive and preemptive security for hosts that deploy the system. Using the open-source software framework, the software implementing this proposed system will be provided to the research community so that the architecture can be extended by other researchers and so that newcomers to network security can start investigating security concepts quickly.

References

[1]

Axelsson, S., Intrusion Detection Systems: A Survey and Taxonomy, Technical Report, pp. 99--115, Dept. of Computer Engineering, Chalmers University of Technology, Sweden, March 2000

Google Scholar

[2]

Bellovin, S. M., Distributed Firewalls,; login:, Vol. 24, pp. 37--47, November 1999

Google Scholar

[3]

Ioannidis, S., Keromytis, A. D., Bellovin, S. M., Smith, J. M., Implementing a Distributed Firewall, In Proceedings of Computer and Communications Security (2000), CCS'00 pp. 190--1999

Digital Library

Google Scholar

[4]

Smith, R., Chen, Y., Bhattacharya, S., Cascade of Distributed and Cooperating Firewalls in a Secure Data Netwrok, IEEE Transactions on Knowledge and Data Enginnering, Vol. 15, NO. 5, pp. 1307--1315, 2003

Digital Library

Google Scholar

[5]

Zou, C., Towsley, D., Weibo, G., A Firewall Network System for Worm Defense in Enterprise Networks, Technical Report: TR-04-CSE-01, University of Massachusetts, Amherst, 2004

Google Scholar

[6]

Iptables Firewall, http://www.netfilter.org/

Google Scholar

[7]

SNORT IDS, http://www.snort.org/

Google Scholar

Cited By

View all

Rezapour AGhasemiGol MTakabi D(2024)A Systematic Mapping Study on Intrusion Response SystemsIEEE Access10.1109/ACCESS.2024.338199812(46524-46550)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3381998
Makhdoomi AJan NPalak Goel N(2022)Conventional and next generation firewalls in network security and its applications2022 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)10.1109/ICCCIS56430.2022.10037674(964-969)Online publication date: 4-Nov-2022
https://doi.org/10.1109/ICCCIS56430.2022.10037674
Vartolomei CAvasilcăi S(2020)Security and Privacy Implementation Framework as a Result of the Digitalization Process for Organizations in Different IndustriesInnovation in Sustainable Management and Entrepreneurship10.1007/978-3-030-44711-3_4(41-51)Online publication date: 30-May-2020
https://doi.org/10.1007/978-3-030-44711-3_4
Show More Cited By

Index Terms

A distributed firewall and active response architecture providing preemptive protection
1. Security and privacy
  1. Network security

Recommendations

A stateful CSG-based distributed firewall architecture for robust distributed security
COMSNETS'09: Proceedings of the First international conference on COMmunication Systems And NETworks

Distributed firewalls have been developed in order to provide networks with a higher level of protection than traditional firewalling mechanisms like gateway and host-based firewalls. Although distributed firewalls provide higher security, they too have ...
A Calculus for Distributed Firewall Specification and Verification
Proceedings of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06

This paper proposes a firewall specification calculus suited for expressing security policies implemented in distributed firewalls. Our syntax and semantics, inspired from the ambient calculus, allow the specification of filtering rules for both single ...
Firewall Policy Queries

Firewalls are crucial elements in network security, and have been widely deployed in most businesses and institutions for securing private networks. The function of a firewall is to examine each incoming and outgoing packet and decide whether to accept ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACMSE '08: Proceedings of the 46th annual ACM Southeast Conference

March 2008

548 pages

ISBN:9781605581057

DOI:10.1145/1593105

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 March 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ACM SE08

ACM SE08: ACM Southeast Regional Conference

March 28 - 29, 2008

Alabama, Auburn

Acceptance Rates

Overall Acceptance Rate 502 of 1,023 submissions, 49%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
669
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Rezapour AGhasemiGol MTakabi D(2024)A Systematic Mapping Study on Intrusion Response SystemsIEEE Access10.1109/ACCESS.2024.338199812(46524-46550)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3381998
Makhdoomi AJan NPalak Goel N(2022)Conventional and next generation firewalls in network security and its applications2022 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)10.1109/ICCCIS56430.2022.10037674(964-969)Online publication date: 4-Nov-2022
https://doi.org/10.1109/ICCCIS56430.2022.10037674
Vartolomei CAvasilcăi S(2020)Security and Privacy Implementation Framework as a Result of the Digitalization Process for Organizations in Different IndustriesInnovation in Sustainable Management and Entrepreneurship10.1007/978-3-030-44711-3_4(41-51)Online publication date: 30-May-2020
https://doi.org/10.1007/978-3-030-44711-3_4
Kamoun-Abid FMeddeb-Makhlouf AZarai FGuizani (2018)Distributed and Cooperative firewall/controller in cloud environmentsProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3230857(1-10)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3230857
Amri SGuan L(2016)Infrastructure as a service: Exploring network access control challenges2016 SAI Computing Conference (SAI)10.1109/SAI.2016.7556042(596-603)Online publication date: Jul-2016
https://doi.org/10.1109/SAI.2016.7556042
Liyanage GFernando S(2013)Firewall model for cloud computing2013 IEEE 8th International Conference on Industrial and Information Systems10.1109/ICIInfS.2013.6731960(86-91)Online publication date: Dec-2013
https://doi.org/10.1109/ICIInfS.2013.6731960
Biddle RChiasson SVan Oorschot P(2012)Graphical passwordsACM Computing Surveys10.1145/2333112.233311444:4(1-41)Online publication date: 7-Sep-2012
https://dl.acm.org/doi/10.1145/2333112.2333114
Thames LAbler R(2008)Work in progress - mentoring undergraduate students preparing for graduate study in engineering-a CREATE case study2008 38th Annual Frontiers in Education Conference10.1109/FIE.2008.4720664(F4F-12-F4F-13)Online publication date: Oct-2008
https://doi.org/10.1109/FIE.2008.4720664

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

A stateful CSG-based distributed firewall architecture for robust distributed security

A Calculus for Distributed Firewall Specification and Verification

Firewall Policy Queries