当前位置: X-MOL 学术J. Internet Serv. Appl. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A new approach to deploy a self-adaptive distributed firewall
Journal of Internet Services and Applications Pub Date : 2018-06-04 , DOI: 10.1186/s13174-018-0083-6
Edmilson P. da Costa Júnior , Carlos Eduardo da Silva , Marcos Pinheiro , Silvio Sampaio

Distributed firewall systems emerged with the proposal of protecting individual hosts against attacks originating from inside the network. In these systems, firewall rules are centrally created, then distributed and enforced on all servers that compose the firewall, restricting which services will be available. However, this approach lacks protection against software vulnerabilities that can make network services vulnerable to attacks, since firewalls usually do not scan application protocols. In this sense, from the discovery of any vulnerability until the publication and application of patches there is an exposure window that should be reduced. In this context, this article presents Self-Adaptive Distributed Firewall (SADF). Our approach is based on monitoring hosts and using a vulnerability assessment system to detect vulnerable services, integrated with components capable of deciding and applying firewall rules on affected hosts. In this way, SADF can respond to vulnerabilities discovered in these hosts, helping to mitigate the risk of exploiting the vulnerability. Our system was evaluated in the context of a simulated network environment, where the results achieved demonstrate its viability.

中文翻译:

部署自适应分布式防火墙的新方法

提出了保护个人主机免受来自网络内部的攻击的提议,分布式防火墙系统应运而生。在这些系统中,防火墙规则是集中创建的,然后在组成防火墙的所有服务器上分发和实施,从而限制了哪些服务可用。但是,由于防火墙通常不扫描应用程序协议,因此这种方法缺乏针对软件漏洞的保护措施,这些漏洞可能会使网络服务容易受到攻击。从这个意义上说,从发现任何漏洞直到发布和应用补丁,都有一个应该减少的暴露窗口。在这种情况下,本文介绍了自适应分布式防火墙(SADF)。我们的方法基于监视主机并使用漏洞评估系统来检测易受攻击的服务,与能够确定并在受影响的主机上应用防火墙规则的组件集成在一起。这样,SADF可以响应在这些主机中发现的漏洞,从而有助于降低利用该漏洞的风险。我们的系统是在模拟网络环境中进行评估的,所获得的结果证明了其可行性。
更新日期:2018-06-04
down
wechat
bug