SlideShare una empresa de Scribd logo

Cr32585591

IJERA Editor
IJERA Editor

IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com

Tecnología
1 de 7
Descargar para leer sin conexión
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 A Survey on Security Issues in Firewalls: A New Approach for Classifying Firewall Vulnerabilities Iman Kashefi*, Maryam Kassiri**, Ali Shahidinejad*** *(Faculty of Computing (FC), Universiti Teknologi Malaysia (UTM), 81300 Johor Bahru, Malaysia,) **(Faculty of Computer Engineering, Robat Karim Branch, Islamic Azad University, Tehran, Iran,) ***(Faculty of Computing (FC), Universiti Teknologi Malaysia (UTM), 81300 Johor Bahru, Malaysia,) ABSTRACT Along with the increasing growth of from outside the network, but it is not supposed to computer networks, security threats multiplies guard the network from an insider attack. On the and accordingly improving and enhancing the other hand restraining inside attacks by access network security devices and methods become a controlling has negative influence on user efficiency necessity. Firewalls as the first line of defense [3]. have irrefutable importance in securing a With respect to the crucial role of firewalls network; therefore improvement in this in network security, a systematic study on firewalls technology ensures higher level of security in vulnerabilities is needed to further categorize the computer networks. Any improvement or novel limitations with the purpose of helping researchers to ideas are not achieved unless a deep analysis of gain a good perspective of problems in the first place the existing methods and current needs takes to find practical solution to enhance the robustness of place. In this paper the vulnerabilities of security. firewalls according to their natures and also This paper is divided into three sections; in various types of firewalls are classified in order the first section firewall and its types are described, to create a better perspective for future research. the aim of the second section is to categorize firewall Also some of the current approaches to mitigate vulnerabilities according to their nature and various these vulnerabilities are mentioned and firewall types and some of the current solutions to mitigate fingerprinting as a technique which makes the vulnerabilities are presented, and finally the last attackers able to obtain more precise information section briefly describes firewall fingerprinting about firewalls` vulnerabilities in order to exploit which can be used by attackers to identify type and them is presented. characteristics of a firewall to misuse its vulnerabilities with the aim of launching a successful Keywords – Firewalls, Firewall Fingerprinting, attack. Firewalls vulnerabilities, Network Attacks, Network Security II. FIREWALL AND ITS TYPES Firewalls have significant role in securing a I. INTRODUCTION network. For the purpose of protecting a network, Firewall is one of the most powerful firewall is used as the first line defense in almost security guards that has been used widespread as a every organization [4]. Firewall is considered as one primary part of every network [1]. First it was of the efficient tools in providing top level of assumed to exist between two networks; however, security in computer networks [5]. A firewall is a with the growth in use of internet and small size device or a system designed to block unpermitted networks, it changed to one of the crucial aspect of access from inside or outside a private network. The every gateway to clog external intruder from greatest functionality of the firewall is filtering, in accessing to LANs and any other private network. other words firewall has the responsibility of Since the firewalls are considered as the first and diverting the traffic with respect to pre-set policies, main line of defense in monitoring the inbound and and by this means it can protect the system or outbound traffic in enterprise and backbone network from flooding types of attacks [6]. As it is networks, the security and reliability issues are mentioned earlier, firewalls are used greatly for significantly important and should be carefully taken preventing unpermitted internet user from gaining into consideration. access to a private network which is connected to In spite of the fact that firewalls are the internet and this is achieved by filtering each considered as a useful defender in certain attacks, it incoming or outgoing packet to assure that both the comes with security holes that can be bypassed in source and destination of packets are trusted. some cases. Regarding the nature of computer and Normally, firewalls configuration is in the way that network devices, firewalls also have some protect network from unauthorized interactive login limitations that can be misused by attackers [2]. For from outside. In this way “hackers” are prevented example a firewall can impede the intruders’ access from logging into systems in a private network. 585 | P a g e
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 Firewalls are vital, regarding to the fact that they recourses such as memory with higher capacity are have ability to provide a block point where security required. is at risk. By constantly monitoring the traffic, • Stateful Inspection firewalls: These kinds of firewalls can provide a safe auditing and logging, in firewalls are the more advanced form of the stateful most cases, they provide logs to the administrator packet filtering firewalls. Stateful packet filtering about the type and volume of the network traffic. firewalls are generally used for application that This block point does its job as an armed guard demand multiple ports, such as FTP applications. does. All incoming and outgoing data should pass They check the payload and optionally open and through the firewall which control each single close ports on the fly as per the protocol. This can be packet and obstruct those that are against the achieved through rules configuration and gain security criteria and pre-set rules. Firewalls rules are information concerning the fourth layer to the a set of predefined rules that each rule have an seventh layer of the protocol stack. action and a related condition. The action is either • Proxy firewalls: These firewalls isolate private deny or accept, while the related condition network within internet. They evaluate the protocol determines some information of the packets like the syntax by breaking apart the connection between source and destination IP address, port number, client and server. These kinds of firewalls offer a protocol, and so forth. To maintain a decision higher level of security among the other types of regarding an individual packet, the rules are checked firewalls, but it is at the cost of functionality and in turn till the first rule that its condition is met by speed, since they have the ability to limit the the fields of the packet found. Generally the rule set applications which your network can support. In is fully in detailed. When a firewall receives a contrary to stateful firewall that gives access or packet, it checks out its protocol, the source and inhibits incoming or outgoing network packets in a destination address and ports. Then the firewall protected network, traffic does not deluge through a compares the rules against the details of the packet proxy. Alternately, computers constitute a until it finds a match. Different firewalls connection to the proxy that servers are intermediary deployment applies various sequences of rules. devices, and commence a new network connection Generally there are two matching strategies [7], on the side of the request. In this way straight single trigger and multi-trigger. Single trigger connections between systems on the both sides of the processing works in the way that as soon as it firewall are prevented, therefore it is not so easy for matches a rule, the action of it will be performed, an intruder to explore where the network is, just while multi-trigger processing works in opposite because they can never receive packets straightly way. In other words it performs the action of the last from the target system. The main disadvantage of matching rule. this firewall is the need for huge network resources. There are different ways to categorize types of firewall according to their architecture, III. FIREWALL VULNERABLITIES AND THE functionality and their usage. Normally, from the MITIGATION THECHNIQUES user point of view firewalls can be divided into two In this part the most important firewalls types; hardware and software, but according to their limitations and vulnerabilities are classified and architecture and functionality, a range from packet existing proposed solution for mitigating them will level to proxy firewalls can be defined, some of them be presented. “A firewall vulnerability is an error, are mentioned below [8]: weakness, or an invalid assumption made during • Static Packet filtering firewalls: These kinds of firewall design, implementation, or configuration, firewalls sequence the packets concerning to that can be exploited to attack the trusted network allow/deny rules. It is done by the means of fields the firewall is supposed to protect” [9]. According to information on the header such as; host/ destination this definition all the firewalls vulnerabilities can be address or port numbers etc. this analysis is not in classified in two main categories: (1) Vulnerabilities depths, i.e., malicious code detection is not due to firewalls inherent limitations and design performed and each packet is examined as a single defects, (2) Vulnerabilities due to misconfiguration entity. The primary weakness of these firewalls is the or weaknesses in implementation. inability to sustain against fragment and spoofing attacks. 3.1 Vulnerabilities due to firewalls inherent • Stateful packet filtering firewalls: These limitations firewalls keep states of performance. Normally, in a Firewalls present an unreal illustration of client/server environment, client initiates a security regarding to the fact that their inherent conversation with server and waits for server defects are constantly imposed to the hackers. These response. Accordingly responses are permitted to failings are caused by improper designs of the bypass the firewalls rules. In this way a better firewalls. Notwithstanding their helpfulness in optimization in screening process is achieved that providing security, they have some basic leads to empower the overall performance of imperfections which hackers use to break into firewall. In order to keep state tables, additional 586 | P a g e
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 network. This problem causes inefficiency in constantly observing and patching the software in guarding network. the DMZ and intranet. This firewall model conquers Some of these limitations are common in both a problem in traditional firewalls concerning VPN software and hardware firewalls while some are traffic. Portable users require access to organization only found in software firewalls: data when they are out of office. Therefore they apply VPNs with the purpose of gaining access in a 3.1.1 Common limitations in software and secure way. VPNs are not capable of guarding hardware firewalls user’s laptop or personal computer and these The most common vulnerabilities in software and computers change into the potential places to threat hardware firewalls are mentioned below: the organization security because they are inherently • Insider attacks: firewalls do not provide two hosted to the organization’s intranet and protection from insider threats i.e. Insider Attacks. It internet. They provide a security hole for an is acknowledged that insiders impose risks to attacker. Traditional firewalls cannot do much to the security when they have limitless access to traffic which is end-to-end encrypted [11]. The information, knowledge and valuable assets of their model is designed in the way that put the security in organization. They are granted access legitimately the focal point and the security is not overlooked for and this can easily jeopardize the security of the performance reasons. The firewall model is based organization [10]. Firewalls sniff the packets in the on three concepts. First, most of the attacks have the boundaries of the networks and do nothing for the inside source. Limiting the attacking abilities of domestic traffic flow. Therefore, it is not practical individual host, leads to a secure internal network. for the intrusions which come from inside the In this way overall security is enhanced as disarmed network [8]. internal host is not assumed as a threat to the rest of • Traffic that doesn’t go through firewall: There the internet. Second, attacks are implemented in the are ways to route the illegitimate traffic through way that harms the network from the known unpermitted path that does not pass through the vulnerabilities. These vulnerabilities are usually firewall. found in certain software’s versions. In any types of • Tunneling; Tunneling is one of the common attack, first the intruder tries to obtain the software’s methods applied to bypass the firewall; one can version to plan the attack in a way that imposes the envelop message for a protocol inside some other published vulnerability. The information achieved message format [8]. by fingerprinting or social engineering is crucial for • Internet threats like virus attack or password the success of an attack. Disguising the identity of cracking: Firewalls do not carry out deep the OS or server software will inhibit attackers to exploration to detect malicious codes in the packets; commence attacks. Third, security administrator in this way they are likely to ignore some threats of may elude to install software patches due to various this kind. reasons such as unreliability, inaccuracy, Below are some of the recommended solution irrevocability, and lack of enough knowledge. For and novel firewall models to alleviate above this reason an automatic mechanism should be in vulnerabilities: place to install necessary updates as soon as they appear. By this means attacker have less chance to Multipurpose firewalls: Intrusion detection intrude to the network. And this is only practical systems have been used in order to audit whole with the emergence of networks that convey activities inside a network but not as a specific software patches [12]. mechanism against insider attacks. Disarming firewall proposed by Zubair A. Shaikh and Furqan Distributed firewalls: Another approach to Ahmed[11] is a multipurpose firewall which offers alleviate the above mentioned vulnerabilities is some defense mechanism against insiders. This applying distributed firewalls. firewall is a combination of various components; Distributed firewalls have been designed with the each of them presents distinct purpose. It bounds the purpose of providing higher level protection than attacking capabilities of all internal resources, in this traditional firewalls such as gateway and host-based way it can protect network against harmful insiders. firewalls. Distributed firewalls have been developed Owing to the fact that gaining information from an in response to the need of securing network from end system is the first step for an attack, the firewall insider attacks and of course cover the weakness of masks the identity of OS and server software which either gateway or host-based firewalls. According to is positioned in DMZ from either internal or Ioannidis et al. [13], “a distributed firewall is a external users. The disarming firewall model takes mechanism that enforces a centralized security advantage of the strengths of different methods to policy but the latter is applied at the edges”. maintain the security. The significant strengths of Distributed firewalls are designed in the way that this firewall are bounding the intrusion abilities of regulates software applications which are resided in internal source, masking the identity of OS and host that have the responsibility of protecting a server software in DMZ to obstruct attacks, and network against unauthorized access. The notional 587 | P a g e
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 design of distributed firewalls are based on three [17]. In both deployments unified communication elements [14]: First, A common place policy interface is needed. It is proved that linkage method language which is employed for determining takes advantage of independency, high reliability, security policies which are distributed to the firewall and less response time in contrary to the integrated endpoints to configure distributed firewalls. Second, approach. Network-wide mechanisms for the distribution and application of the security policy files to the 3.1.2 Vulnerabilities in software firewalls distributed firewall endpoints. Third, IPsec: security Nowadays software firewalls are the most protocol that maintain network-level encryption for popular choice for installing on personal computers. the secure transmission of the security policy. They use internet access control mechanism to Distributed firewalls have following strengths: provide higher level of security for internet users. • Centralized management: Security policies are These kinds of firewalls have vulnerabilities that can planned centrally and then publish to the various be bypassed in various ways at different layers of endpoints for execution. Adherence of security networks. This is essentially due to the fact that policies through the network and managing the these kinds of firewalls are software. They are not deployment is improved. designed based on a proper architecture; therefore • Defense in depth: when distributed firewall is they allow some traffic and application to pass used with the gateways firewall, the security layers through them. Below are some of the theoretical are notably increased which makes it more difficult bypassing ways [18]. for an intruder to break into the network. Because it • NIC Adapter Driver: An easiest way to bypass saves the time for other kind of defense mechanisms any kind of software firewall is to plan the program to counteract the hazard dramatically and in the way that runs in a lower level. Regarding to accordingly delay and prevent the distribution of the fact that the commercial personal firewall threat in the network. execute at NDIS level while NDIS is located Distributed firewalls also have their own between NIC and protocol driver, therefore if the limitations like decrease in network performance program runs at NIC level, it can bypass the and increase in host load. Therefore in order to firewall. However, it is not practical since the mitigate these disadvantages several architectures Trojan code which is programmed for a specific and models have been introduced and still should be NIC will not be able to run on the others. improved. • Prevent Loading: Since these firewalls occasionally store data in the registry, if the registry Combining firewall and IDS: There are two is manipulated, it may be feasible to obstruct some approaches to combine firewalls and IDS: integrated firewalls from running after restarting the system. approach and linkage approach. In first approach • Uninstall: Another way to bypass a personal both IDS and firewall are placed in one system firewall is by simply uninstalling theme. There are while in second approach they are in two separate many hacking codes which are particularly designed subsystems [15]. to uninstall famous firewalls. • Integrated Approach: The integrated approach • Application Masquerade: Generally the benefits from the advantages of the revelation ability firewalls do not obstruct all the traffic. Some of the detection system along with the blocking applications are permitted for getting access to the capability of the firewall. In this approach the host internet. Sometimes hackers program a malicious IDS and host firewall are placed in the same system. code in the way that it seems like a trusted program, Since the IDS is constantly monitoring the network, so it can simply bypass the firewall. it provides the access control strategy source to the • Application Control: Sometimes a program host firewall. In this way malicious requests are employs a trusted application to send and get detected before the attack occurs [16]. In this unauthorized messages to outside, should the approach traditional access control is combined with program be able to manage the way the programs intrusion detection technology to supply essential uses to perform its actions. information to enable the firewall to block attacks. • Network-monitoring programs: Approximately • In this method, the host firewall is located in a network-monitoring programs are overlooked by one system while the host intrusion detection system personal firewall. It is obvious that if a malicious is running on a separate system. The hosts interact program can work like one of the network in a meaningful manner to share the information to monitoring software, it will be able to bypass enhance the security level to maximum possible personal firewall. degree. This method differentiates from integrated method in the location of the IDS and the firewall. It can be concluded from the above that This approach has dual implementations. In the first personal firewalls are defenseless to many deployment the host firewall is directly linked to intrusions. To improve the level of protection of host IDS, while in the second deployment, a transfer personal firewall to a higher degree, it is device is employed to link the two hosts indirectly recommended to use it along with constantly up-to- 588 | P a g e
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 date antivirus software. Concurrently, it can be a worth pointing out that the primary concerns of potential field for research to fortify the protection firewall designers are security robustness rather than level of personal firewalls from hardware great usability. Nevertheless more the usability perspective. improved, the better results achieved. There is fine balance between usability and security that it only realized by comprehensive design which includes 3.2 Vulnerabilities due to misconfiguration usability in development phases. There are many While the part of vulnerabilities which usability best practices for security design which can come from misconfigurations are the result of be taken into account. It is possible to classify the weakness and complexity of firewalls design and usability issues in two main classes. First there is user interfaces, there are notable reasons which ambiguity in information or sometimes lack of concerning user faults and their incapability of knowledge when the users should make decision on implementing and managing different aspects of security issues. Second, poor user interfaces which firewalls. Carelessness and misuse can be the result in security alerts ignorance. As a solution to biggest threat to any security system anywhere [19]. this problem, firewall designer can fortify the It is worth mentioning that improper use of quality of information through the results from security system can be more detrimental than usability testing with end users. Moreover, it can be relinquish the use of them. The false illustration of a good practice to involve usability experts in design security that inspired by a misconfigured firewall process. makes users behave like they are fully secured, while they are treated with the same risks. Personal IV. FIREWALL FINGERPRINTING firewall are imposed more to misconfiguration, Vulnerabilities mentioned in the previous since the knowledge for implementing firewall in section both in hardware and software firewalls the safe manner may go beyond the capability of along with other vulnerabilities caused by flaws and common users. shortcomings that may exist in some specific models The following are the common vulnerabilities of different firewall brands are more probable to be associated with misconfigurations of the firewalls exploited by attackers if they can acquire enough [9]: information about the employed firewall in a • ICMP allowed, e.g., the firewall can be pinged; computer network. • Denial rather than drop the traffic to ports which are blocked by the firewall. This provides the Regarding to the fact that firewalls are attacker with additional information, or improves usually positioned in a network so that they are the speed of the attacker’s port scan; invisible to the users, the identification of them to • Misconfiguration that allows a TCP pings of explode their vulnerabilities to do a successful internal hosts with Internet-routable IP addresses attack is dramatically complicated. To launch a (e.g., in-bound TCP 80 is not restricted to the web successful attack, the first step that the attacker server) should take is fingerprinting, i.e., finding the • Trust of certain IP addresses firewall implementation, encompassing the brand • Availability of extra/unnecessary services on name, software/firmware version, etc. Providing the firewall that we figure out all possible ways that attackers • Unnecessarily open TCP and UDP ports employ to fingerprint a firewall, we will be able to design required countermeasures accordingly. As mentioned before a part of misconfigurations are related to some other A recent research conducted by Amir R. important issues such as configuring inattentively. Khakpour et al. presents a set of techniques that For instance when the program needs to be acquire some basic information about firewalls configured, occasionally it may happen that the using the processing time of each inquiry packet and users are tired of responding to many questions and can be employed to find firewall implementation. perfunctorily switch off the security warnings. By precisely measuring packet processing time, it is These kinds of problems take place because of poor possible to fingerprint firewalls to figure out the usability in personal firewalls. Poor usability of a type of packet classification algorithms, sensitivity security system can have severe aftereffects as are of firewall performance to traffic load, and other mentioned in several articles. According to Bander characteristics. They proposed some ways to Alfayyadh et al. [19], usability of personal firewalls identify the firewall characteristics that are is especially important and interesting to study announced by firewall implementations. Even because most of the personal firewall users have though the firewall is designed like a black box, little information about security issues. They have attackers can misuse vulnerabilities of these kinds of shown that the main problems arose in personal firewalls from their characteristics that are precisely computer are due to the poor usability that identified to launch effective attacks. They accordingly result in security vulnerabilities. It is presented two methods for deducting firewall 589 | P a g e
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 implementation using these characteristics. The first [2] Cisco Firewall Services Module DoS method is concerned with firewall decision while vulnerability, receiving a sequence of TCP packets that carry http://www.netsecurity.org/secworld.php?i unusual flags; the second method is based on d=10673, 2011. machine learning techniques [20]. By using these [3] J. Craig Lowery , Computer System methods they could acquire relatively accurate data Security: A Primer, March 2002, about the firewalls and could successfully http://www.craiglowery.com/pres/Compute fingerprint the three different types of firewalls, r%20System%20Security- both software and hardware, which they had used %20A%20Primer.pdf for this project. [4] W. Geng, S. Flinn, and J. DcDeourek, Usable firewall The results of their work show that firewall configuration, Proc. 3rd Annual Conference fingerprinting can become a serious issue that on Privacy, Security and Trust, Institute causes exposure of firewall vulnerabilities and of information technology, national should be taken into consideration simultaneously research council Canada, 2005. along with making effort to mitigate firewalls [5] Ghiran, A.M., Silaghi, G.C., and Tomai N., vulnerabilities. Ontology based tools for automating integration V. CONCLUSION and validation of firewall rules, Proc. of The classification of firewall vulnerabilities 12th international conference on Business which is presented in this paper along with the Information Systems, Poland, 2009, 37-48. mentioned existing solutions can be a helpful [6] V.M. Boncheva, A Short Survey of guideline for researchers who aim to enhance the Intrusion Detection Systems, Problems of security of firewalls and also can give them a clear Engineering Cybernetics and Robotics, 58, and precise perspective of existing problems in this 2007. field. [7] V. Zaliva, Firewall Policy Modeling, Analysis and Simulation: a Survey , Integrating the capabilities of firewalls and 2010. IDS and also fortifying the protection level of [8] S. Beg, U. Naru, M. Ashraf, and S. personal firewalls from hardware perspective still Mohsin, Feasibility of Intrusion Detection can be potential fields for future researches. System with High Performance Regarding this study on existing types of Computing: A Survey, IJACS, December vulnerabilities and also defense models in firewalls, 2010 . a unified model which takes benefit from the [9] S. Kamara, S. Fahmy, E. Schultz, F. strength points of different solutions and Kerschbaum, and M. Frantzen, Analysis of accordingly mitigate the vulnerabilities of the Vulnerabilities in Internet Firewalls, models to maximize the robustness of security and CERIAS. protection capability of network may be a good [10] C. Colwill, Human factors in information solution. Although integrating various models in a security: The insider threat - Who can you system may cause some conflicts and have inverse trust these days?, Information Security effects, still there would be a potential area for Technical Report. 2010, 14(4), 186-196. further research to propose an integrated model that [11] Z. A. Shaikh and F. Ahmed, Disarming brings more security. Moreover, not only practical Firewall, Proc. International Conference solutions to improve the security in firewalls on Information and Emerging through mitigating their vulnerabilities should be Technologies, ICIET, 2010. carefully followed, but also in the meanwhile, [12] J. Li, P. L. Reiher, and G. J. Popek. conducting a research for finding countermeasures Resilient Self-Organizing Overlay to prevent firewalls from being fingerprinted by Networks for Security Update Delivery. attackers should be taken into consideration, since IEEE Journal on Selected Areas in firewall fingerprinting increases the probability of Communications (JSAC), January 2004 exposure of vulnerabilities to the security attacks. [13] S. loannidis, A. D. Keromytis, S. M. Bellovin, and 1. M. Smith, Implementing a REFERENCES distributed firewall, Proc. 7th ACM Conj. [1] R. Bace, An Introduction to Intrusion Computer and communications security, Detection and Assessment for System Athens, 2000. and network security Management, [14] V. Ramsurrun and K. M. S. Soyjaudah, A ICSA, Inc Stateful CSG-based Distributed Firewall http://www.icsalabs.com/icsa/docs/html/co Architecture for Robust Distributed mmunities/ids/whitepaper/Intrusion1.pdf. Security, UoM. 590 | P a g e
Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 [15] Zh. Lili and C. Tian-jie. Intrusion Detection Based on Intelligence and Collaboration Technology Computer, 2008, 24 (2): 66-68. [16] Zh. Tao-gai and L. Ke, A New Design of Linkage Based on IDS, Henan Institute of Engineering (Natural Science), Vol • 21, No • 3 Sep. 2009. [17] Zh. Zhong-hui and C. Jia-qing, Intrusion Prevention System Based on Linkage Mechanism Computer age, 2006, (7) :28- 29 [18] R. Chiong and S. Dhakal, On the Insecurity of Personal Firewall , IEEE, 2008. [19] B. Alfayyadh, A. Jøsang, M. Alzomai and J. Ponting, Vulnerabilities in Personal Firewalls Caused by Poor Security Usability , IEEE, 2010 [20] A. R. Khakpour et al. , “Firewall Fingerprinting”, 2012 Proceeding IEEE INFOCAM, 2012 591 | P a g e

Recomendados

Context-Aware Intrusion Detection and Tolerance in MANETs
Context-Aware Intrusion Detection and Tolerance in MANETsContext-Aware Intrusion Detection and Tolerance in MANETs
Context-Aware Intrusion Detection and Tolerance in MANETsIDES Editor
 
Security in manet via different intrusion detection techniques
Security in manet via different intrusion detection techniquesSecurity in manet via different intrusion detection techniques
Security in manet via different intrusion detection techniquesIAEME Publication
 
Analysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkAnalysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkijwmn
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptRevanth71
 
Security Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area NetworksSecurity Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area NetworksCSCJournals
 
A technical review and comparative analysis of machine learning techniques fo...
A technical review and comparative analysis of machine learning techniques fo...A technical review and comparative analysis of machine learning techniques fo...
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
 
A Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentA Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentAM Publications,India
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 

Recomendados

Context-Aware Intrusion Detection and Tolerance in MANETs
Context-Aware Intrusion Detection and Tolerance in MANETsContext-Aware Intrusion Detection and Tolerance in MANETs
Context-Aware Intrusion Detection and Tolerance in MANETsIDES Editor
 
Security in manet via different intrusion detection techniques
Security in manet via different intrusion detection techniquesSecurity in manet via different intrusion detection techniques
Security in manet via different intrusion detection techniquesIAEME Publication
 
Analysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkAnalysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkijwmn
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptRevanth71
 
Security Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area NetworksSecurity Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area NetworksCSCJournals
 
A technical review and comparative analysis of machine learning techniques fo...
A technical review and comparative analysis of machine learning techniques fo...A technical review and comparative analysis of machine learning techniques fo...
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
 
A Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentA Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentAM Publications,India
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...IJNSA Journal
 
D43021519
D43021519D43021519
D43021519IJERA Editor
 
Group G
Group GGroup G
Group Gs1160113
 
Network security
Network securityNetwork security
Network securitynageshkanna13
 
Wireless networks security
Wireless networks securityWireless networks security
Wireless networks securityelango30
 
wireless sensor network security
wireless sensor network securitywireless sensor network security
wireless sensor network securityaibad ahmed
 
Gw2412271231
Gw2412271231Gw2412271231
Gw2412271231IJERA Editor
 
A Security Overview of Wireless Sensor Network
A Security Overview of Wireless Sensor NetworkA Security Overview of Wireless Sensor Network
A Security Overview of Wireless Sensor NetworkIJCSIS Research Publications
 
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...IRJET Journal
 
Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014Tarek Gaber
 
Attacks and counterattacks on wireless sensor networks
Attacks and counterattacks on wireless sensor networksAttacks and counterattacks on wireless sensor networks
Attacks and counterattacks on wireless sensor networksijasuc
 
Security issues and attacks in wireless sensor networks
Security issues and attacks in wireless sensor networksSecurity issues and attacks in wireless sensor networks
Security issues and attacks in wireless sensor networksMd Waresul Islam
 
FIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALAFIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALASaikiran Panjala
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentationNitesh Dubey
 
Firewall
FirewallFirewall
FirewallArchanaMani2
 
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)IRJET Journal
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 
Firewall
FirewallFirewall
FirewallShiva Krishna Chandra Shekar
 
Cl32543545
Cl32543545Cl32543545
Cl32543545IJERA Editor
 
Ct32595603
Ct32595603Ct32595603
Ct32595603IJERA Editor
 
Cv32608610
Cv32608610Cv32608610
Cv32608610IJERA Editor
 
Cy32624628
Cy32624628Cy32624628
Cy32624628IJERA Editor
 

Más contenido relacionado

La actualidad más candente

HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...IJNSA Journal
 
Wireless networks security
Wireless networks securityWireless networks security
Wireless networks securityelango30
 
wireless sensor network security
wireless sensor network securitywireless sensor network security
wireless sensor network securityaibad ahmed
 
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...IRJET Journal
 
Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014Tarek Gaber
 
Attacks and counterattacks on wireless sensor networks
Attacks and counterattacks on wireless sensor networksAttacks and counterattacks on wireless sensor networks
Attacks and counterattacks on wireless sensor networksijasuc
 
Security issues and attacks in wireless sensor networks
Security issues and attacks in wireless sensor networksSecurity issues and attacks in wireless sensor networks
Security issues and attacks in wireless sensor networksMd Waresul Islam
 
FIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALAFIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALASaikiran Panjala
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentationNitesh Dubey
 
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)IRJET Journal
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 

La actualidad más candente (18)

HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
 
D43021519
D43021519D43021519
D43021519
 
Group G
Group GGroup G
Group G
 
Network security
Network securityNetwork security
Network security
 
Wireless networks security
Wireless networks securityWireless networks security
Wireless networks security
 
wireless sensor network security
wireless sensor network securitywireless sensor network security
wireless sensor network security
 
Gw2412271231
Gw2412271231Gw2412271231
Gw2412271231
 
A Security Overview of Wireless Sensor Network
A Security Overview of Wireless Sensor NetworkA Security Overview of Wireless Sensor Network
A Security Overview of Wireless Sensor Network
 
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
Wireless Sensor Network: Internet Model Layer Based Security Attacks and thei...
 
Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014
 
Attacks and counterattacks on wireless sensor networks
Attacks and counterattacks on wireless sensor networksAttacks and counterattacks on wireless sensor networks
Attacks and counterattacks on wireless sensor networks
 
Security issues and attacks in wireless sensor networks
Security issues and attacks in wireless sensor networksSecurity issues and attacks in wireless sensor networks
Security issues and attacks in wireless sensor networks
 
FIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALAFIREWALLS BY SAIKIRAN PANJALA
FIREWALLS BY SAIKIRAN PANJALA
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentation
 
Firewall
FirewallFirewall
Firewall
 
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy function
 
Firewall
FirewallFirewall
Firewall
 

Destacado

[PT] trendwatching.com’s MI CASA ES TU CASA
[PT] trendwatching.com’s MI CASA ES TU CASA[PT] trendwatching.com’s MI CASA ES TU CASA
[PT] trendwatching.com’s MI CASA ES TU CASATrendWatching
 

Destacado (20)

Cl32543545
Cl32543545Cl32543545
Cl32543545
 
Ct32595603
Ct32595603Ct32595603
Ct32595603
 
Cv32608610
Cv32608610Cv32608610
Cv32608610
 
Cy32624628
Cy32624628Cy32624628
Cy32624628
 
Dd32653661
Dd32653661Dd32653661
Dd32653661
 
A350103
A350103A350103
A350103
 
Bl34395398
Bl34395398Bl34395398
Bl34395398
 
H344250
H344250H344250
H344250
 
F343236
F343236F343236
F343236
 
Cm34531538
Cm34531538Cm34531538
Cm34531538
 
Cc34479483
Cc34479483Cc34479483
Cc34479483
 
Cl34527530
Cl34527530Cl34527530
Cl34527530
 
Aa34163168
Aa34163168Aa34163168
Aa34163168
 
Co34543549
Co34543549Co34543549
Co34543549
 
Bb34327332
Bb34327332Bb34327332
Bb34327332
 
Bi34381384
Bi34381384Bi34381384
Bi34381384
 
Aq34255260
Aq34255260Aq34255260
Aq34255260
 
W34137142
W34137142W34137142
W34137142
 
[PT] trendwatching.com’s MI CASA ES TU CASA
[PT] trendwatching.com’s MI CASA ES TU CASA[PT] trendwatching.com’s MI CASA ES TU CASA
[PT] trendwatching.com’s MI CASA ES TU CASA
 
Oper
OperOper
Oper
 

Similar a Cr32585591

Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...ams1ams11
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdfImXaib
 
Evaluation the performanc of dmz
Evaluation the performanc of dmzEvaluation the performanc of dmz
Evaluation the performanc of dmzBaha Rababah
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxBluechipComputerSyst
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 

Similar a Cr32585591 (20)

Cr32585591
Cr32585591Cr32585591
Cr32585591
 
Firewall
FirewallFirewall
Firewall
 
Firewall
Firewall Firewall
Firewall
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
169
169169
169
 
Firewall
FirewallFirewall
Firewall
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Firewalls
FirewallsFirewalls
Firewalls
 
Evaluation the performanc of dmz
Evaluation the performanc of dmzEvaluation the performanc of dmz
Evaluation the performanc of dmz
 
Firewall
FirewallFirewall
Firewall
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 
internet-firewalls
internet-firewallsinternet-firewalls
internet-firewalls
 
Firewall
FirewallFirewall
Firewall
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall
FirewallFirewall
Firewall
 

Último

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 

Último (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 

Cr32585591

  • 1. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 A Survey on Security Issues in Firewalls: A New Approach for Classifying Firewall Vulnerabilities Iman Kashefi*, Maryam Kassiri**, Ali Shahidinejad*** *(Faculty of Computing (FC), Universiti Teknologi Malaysia (UTM), 81300 Johor Bahru, Malaysia,) **(Faculty of Computer Engineering, Robat Karim Branch, Islamic Azad University, Tehran, Iran,) ***(Faculty of Computing (FC), Universiti Teknologi Malaysia (UTM), 81300 Johor Bahru, Malaysia,) ABSTRACT Along with the increasing growth of from outside the network, but it is not supposed to computer networks, security threats multiplies guard the network from an insider attack. On the and accordingly improving and enhancing the other hand restraining inside attacks by access network security devices and methods become a controlling has negative influence on user efficiency necessity. Firewalls as the first line of defense [3]. have irrefutable importance in securing a With respect to the crucial role of firewalls network; therefore improvement in this in network security, a systematic study on firewalls technology ensures higher level of security in vulnerabilities is needed to further categorize the computer networks. Any improvement or novel limitations with the purpose of helping researchers to ideas are not achieved unless a deep analysis of gain a good perspective of problems in the first place the existing methods and current needs takes to find practical solution to enhance the robustness of place. In this paper the vulnerabilities of security. firewalls according to their natures and also This paper is divided into three sections; in various types of firewalls are classified in order the first section firewall and its types are described, to create a better perspective for future research. the aim of the second section is to categorize firewall Also some of the current approaches to mitigate vulnerabilities according to their nature and various these vulnerabilities are mentioned and firewall types and some of the current solutions to mitigate fingerprinting as a technique which makes the vulnerabilities are presented, and finally the last attackers able to obtain more precise information section briefly describes firewall fingerprinting about firewalls` vulnerabilities in order to exploit which can be used by attackers to identify type and them is presented. characteristics of a firewall to misuse its vulnerabilities with the aim of launching a successful Keywords – Firewalls, Firewall Fingerprinting, attack. Firewalls vulnerabilities, Network Attacks, Network Security II. FIREWALL AND ITS TYPES Firewalls have significant role in securing a I. INTRODUCTION network. For the purpose of protecting a network, Firewall is one of the most powerful firewall is used as the first line defense in almost security guards that has been used widespread as a every organization [4]. Firewall is considered as one primary part of every network [1]. First it was of the efficient tools in providing top level of assumed to exist between two networks; however, security in computer networks [5]. A firewall is a with the growth in use of internet and small size device or a system designed to block unpermitted networks, it changed to one of the crucial aspect of access from inside or outside a private network. The every gateway to clog external intruder from greatest functionality of the firewall is filtering, in accessing to LANs and any other private network. other words firewall has the responsibility of Since the firewalls are considered as the first and diverting the traffic with respect to pre-set policies, main line of defense in monitoring the inbound and and by this means it can protect the system or outbound traffic in enterprise and backbone network from flooding types of attacks [6]. As it is networks, the security and reliability issues are mentioned earlier, firewalls are used greatly for significantly important and should be carefully taken preventing unpermitted internet user from gaining into consideration. access to a private network which is connected to In spite of the fact that firewalls are the internet and this is achieved by filtering each considered as a useful defender in certain attacks, it incoming or outgoing packet to assure that both the comes with security holes that can be bypassed in source and destination of packets are trusted. some cases. Regarding the nature of computer and Normally, firewalls configuration is in the way that network devices, firewalls also have some protect network from unauthorized interactive login limitations that can be misused by attackers [2]. For from outside. In this way “hackers” are prevented example a firewall can impede the intruders’ access from logging into systems in a private network. 585 | P a g e
  • 2. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 Firewalls are vital, regarding to the fact that they recourses such as memory with higher capacity are have ability to provide a block point where security required. is at risk. By constantly monitoring the traffic, • Stateful Inspection firewalls: These kinds of firewalls can provide a safe auditing and logging, in firewalls are the more advanced form of the stateful most cases, they provide logs to the administrator packet filtering firewalls. Stateful packet filtering about the type and volume of the network traffic. firewalls are generally used for application that This block point does its job as an armed guard demand multiple ports, such as FTP applications. does. All incoming and outgoing data should pass They check the payload and optionally open and through the firewall which control each single close ports on the fly as per the protocol. This can be packet and obstruct those that are against the achieved through rules configuration and gain security criteria and pre-set rules. Firewalls rules are information concerning the fourth layer to the a set of predefined rules that each rule have an seventh layer of the protocol stack. action and a related condition. The action is either • Proxy firewalls: These firewalls isolate private deny or accept, while the related condition network within internet. They evaluate the protocol determines some information of the packets like the syntax by breaking apart the connection between source and destination IP address, port number, client and server. These kinds of firewalls offer a protocol, and so forth. To maintain a decision higher level of security among the other types of regarding an individual packet, the rules are checked firewalls, but it is at the cost of functionality and in turn till the first rule that its condition is met by speed, since they have the ability to limit the the fields of the packet found. Generally the rule set applications which your network can support. In is fully in detailed. When a firewall receives a contrary to stateful firewall that gives access or packet, it checks out its protocol, the source and inhibits incoming or outgoing network packets in a destination address and ports. Then the firewall protected network, traffic does not deluge through a compares the rules against the details of the packet proxy. Alternately, computers constitute a until it finds a match. Different firewalls connection to the proxy that servers are intermediary deployment applies various sequences of rules. devices, and commence a new network connection Generally there are two matching strategies [7], on the side of the request. In this way straight single trigger and multi-trigger. Single trigger connections between systems on the both sides of the processing works in the way that as soon as it firewall are prevented, therefore it is not so easy for matches a rule, the action of it will be performed, an intruder to explore where the network is, just while multi-trigger processing works in opposite because they can never receive packets straightly way. In other words it performs the action of the last from the target system. The main disadvantage of matching rule. this firewall is the need for huge network resources. There are different ways to categorize types of firewall according to their architecture, III. FIREWALL VULNERABLITIES AND THE functionality and their usage. Normally, from the MITIGATION THECHNIQUES user point of view firewalls can be divided into two In this part the most important firewalls types; hardware and software, but according to their limitations and vulnerabilities are classified and architecture and functionality, a range from packet existing proposed solution for mitigating them will level to proxy firewalls can be defined, some of them be presented. “A firewall vulnerability is an error, are mentioned below [8]: weakness, or an invalid assumption made during • Static Packet filtering firewalls: These kinds of firewall design, implementation, or configuration, firewalls sequence the packets concerning to that can be exploited to attack the trusted network allow/deny rules. It is done by the means of fields the firewall is supposed to protect” [9]. According to information on the header such as; host/ destination this definition all the firewalls vulnerabilities can be address or port numbers etc. this analysis is not in classified in two main categories: (1) Vulnerabilities depths, i.e., malicious code detection is not due to firewalls inherent limitations and design performed and each packet is examined as a single defects, (2) Vulnerabilities due to misconfiguration entity. The primary weakness of these firewalls is the or weaknesses in implementation. inability to sustain against fragment and spoofing attacks. 3.1 Vulnerabilities due to firewalls inherent • Stateful packet filtering firewalls: These limitations firewalls keep states of performance. Normally, in a Firewalls present an unreal illustration of client/server environment, client initiates a security regarding to the fact that their inherent conversation with server and waits for server defects are constantly imposed to the hackers. These response. Accordingly responses are permitted to failings are caused by improper designs of the bypass the firewalls rules. In this way a better firewalls. Notwithstanding their helpfulness in optimization in screening process is achieved that providing security, they have some basic leads to empower the overall performance of imperfections which hackers use to break into firewall. In order to keep state tables, additional 586 | P a g e
  • 3. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 network. This problem causes inefficiency in constantly observing and patching the software in guarding network. the DMZ and intranet. This firewall model conquers Some of these limitations are common in both a problem in traditional firewalls concerning VPN software and hardware firewalls while some are traffic. Portable users require access to organization only found in software firewalls: data when they are out of office. Therefore they apply VPNs with the purpose of gaining access in a 3.1.1 Common limitations in software and secure way. VPNs are not capable of guarding hardware firewalls user’s laptop or personal computer and these The most common vulnerabilities in software and computers change into the potential places to threat hardware firewalls are mentioned below: the organization security because they are inherently • Insider attacks: firewalls do not provide two hosted to the organization’s intranet and protection from insider threats i.e. Insider Attacks. It internet. They provide a security hole for an is acknowledged that insiders impose risks to attacker. Traditional firewalls cannot do much to the security when they have limitless access to traffic which is end-to-end encrypted [11]. The information, knowledge and valuable assets of their model is designed in the way that put the security in organization. They are granted access legitimately the focal point and the security is not overlooked for and this can easily jeopardize the security of the performance reasons. The firewall model is based organization [10]. Firewalls sniff the packets in the on three concepts. First, most of the attacks have the boundaries of the networks and do nothing for the inside source. Limiting the attacking abilities of domestic traffic flow. Therefore, it is not practical individual host, leads to a secure internal network. for the intrusions which come from inside the In this way overall security is enhanced as disarmed network [8]. internal host is not assumed as a threat to the rest of • Traffic that doesn’t go through firewall: There the internet. Second, attacks are implemented in the are ways to route the illegitimate traffic through way that harms the network from the known unpermitted path that does not pass through the vulnerabilities. These vulnerabilities are usually firewall. found in certain software’s versions. In any types of • Tunneling; Tunneling is one of the common attack, first the intruder tries to obtain the software’s methods applied to bypass the firewall; one can version to plan the attack in a way that imposes the envelop message for a protocol inside some other published vulnerability. The information achieved message format [8]. by fingerprinting or social engineering is crucial for • Internet threats like virus attack or password the success of an attack. Disguising the identity of cracking: Firewalls do not carry out deep the OS or server software will inhibit attackers to exploration to detect malicious codes in the packets; commence attacks. Third, security administrator in this way they are likely to ignore some threats of may elude to install software patches due to various this kind. reasons such as unreliability, inaccuracy, Below are some of the recommended solution irrevocability, and lack of enough knowledge. For and novel firewall models to alleviate above this reason an automatic mechanism should be in vulnerabilities: place to install necessary updates as soon as they appear. By this means attacker have less chance to Multipurpose firewalls: Intrusion detection intrude to the network. And this is only practical systems have been used in order to audit whole with the emergence of networks that convey activities inside a network but not as a specific software patches [12]. mechanism against insider attacks. Disarming firewall proposed by Zubair A. Shaikh and Furqan Distributed firewalls: Another approach to Ahmed[11] is a multipurpose firewall which offers alleviate the above mentioned vulnerabilities is some defense mechanism against insiders. This applying distributed firewalls. firewall is a combination of various components; Distributed firewalls have been designed with the each of them presents distinct purpose. It bounds the purpose of providing higher level protection than attacking capabilities of all internal resources, in this traditional firewalls such as gateway and host-based way it can protect network against harmful insiders. firewalls. Distributed firewalls have been developed Owing to the fact that gaining information from an in response to the need of securing network from end system is the first step for an attack, the firewall insider attacks and of course cover the weakness of masks the identity of OS and server software which either gateway or host-based firewalls. According to is positioned in DMZ from either internal or Ioannidis et al. [13], “a distributed firewall is a external users. The disarming firewall model takes mechanism that enforces a centralized security advantage of the strengths of different methods to policy but the latter is applied at the edges”. maintain the security. The significant strengths of Distributed firewalls are designed in the way that this firewall are bounding the intrusion abilities of regulates software applications which are resided in internal source, masking the identity of OS and host that have the responsibility of protecting a server software in DMZ to obstruct attacks, and network against unauthorized access. The notional 587 | P a g e
  • 4. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 design of distributed firewalls are based on three [17]. In both deployments unified communication elements [14]: First, A common place policy interface is needed. It is proved that linkage method language which is employed for determining takes advantage of independency, high reliability, security policies which are distributed to the firewall and less response time in contrary to the integrated endpoints to configure distributed firewalls. Second, approach. Network-wide mechanisms for the distribution and application of the security policy files to the 3.1.2 Vulnerabilities in software firewalls distributed firewall endpoints. Third, IPsec: security Nowadays software firewalls are the most protocol that maintain network-level encryption for popular choice for installing on personal computers. the secure transmission of the security policy. They use internet access control mechanism to Distributed firewalls have following strengths: provide higher level of security for internet users. • Centralized management: Security policies are These kinds of firewalls have vulnerabilities that can planned centrally and then publish to the various be bypassed in various ways at different layers of endpoints for execution. Adherence of security networks. This is essentially due to the fact that policies through the network and managing the these kinds of firewalls are software. They are not deployment is improved. designed based on a proper architecture; therefore • Defense in depth: when distributed firewall is they allow some traffic and application to pass used with the gateways firewall, the security layers through them. Below are some of the theoretical are notably increased which makes it more difficult bypassing ways [18]. for an intruder to break into the network. Because it • NIC Adapter Driver: An easiest way to bypass saves the time for other kind of defense mechanisms any kind of software firewall is to plan the program to counteract the hazard dramatically and in the way that runs in a lower level. Regarding to accordingly delay and prevent the distribution of the fact that the commercial personal firewall threat in the network. execute at NDIS level while NDIS is located Distributed firewalls also have their own between NIC and protocol driver, therefore if the limitations like decrease in network performance program runs at NIC level, it can bypass the and increase in host load. Therefore in order to firewall. However, it is not practical since the mitigate these disadvantages several architectures Trojan code which is programmed for a specific and models have been introduced and still should be NIC will not be able to run on the others. improved. • Prevent Loading: Since these firewalls occasionally store data in the registry, if the registry Combining firewall and IDS: There are two is manipulated, it may be feasible to obstruct some approaches to combine firewalls and IDS: integrated firewalls from running after restarting the system. approach and linkage approach. In first approach • Uninstall: Another way to bypass a personal both IDS and firewall are placed in one system firewall is by simply uninstalling theme. There are while in second approach they are in two separate many hacking codes which are particularly designed subsystems [15]. to uninstall famous firewalls. • Integrated Approach: The integrated approach • Application Masquerade: Generally the benefits from the advantages of the revelation ability firewalls do not obstruct all the traffic. Some of the detection system along with the blocking applications are permitted for getting access to the capability of the firewall. In this approach the host internet. Sometimes hackers program a malicious IDS and host firewall are placed in the same system. code in the way that it seems like a trusted program, Since the IDS is constantly monitoring the network, so it can simply bypass the firewall. it provides the access control strategy source to the • Application Control: Sometimes a program host firewall. In this way malicious requests are employs a trusted application to send and get detected before the attack occurs [16]. In this unauthorized messages to outside, should the approach traditional access control is combined with program be able to manage the way the programs intrusion detection technology to supply essential uses to perform its actions. information to enable the firewall to block attacks. • Network-monitoring programs: Approximately • In this method, the host firewall is located in a network-monitoring programs are overlooked by one system while the host intrusion detection system personal firewall. It is obvious that if a malicious is running on a separate system. The hosts interact program can work like one of the network in a meaningful manner to share the information to monitoring software, it will be able to bypass enhance the security level to maximum possible personal firewall. degree. This method differentiates from integrated method in the location of the IDS and the firewall. It can be concluded from the above that This approach has dual implementations. In the first personal firewalls are defenseless to many deployment the host firewall is directly linked to intrusions. To improve the level of protection of host IDS, while in the second deployment, a transfer personal firewall to a higher degree, it is device is employed to link the two hosts indirectly recommended to use it along with constantly up-to- 588 | P a g e
  • 5. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 date antivirus software. Concurrently, it can be a worth pointing out that the primary concerns of potential field for research to fortify the protection firewall designers are security robustness rather than level of personal firewalls from hardware great usability. Nevertheless more the usability perspective. improved, the better results achieved. There is fine balance between usability and security that it only realized by comprehensive design which includes 3.2 Vulnerabilities due to misconfiguration usability in development phases. There are many While the part of vulnerabilities which usability best practices for security design which can come from misconfigurations are the result of be taken into account. It is possible to classify the weakness and complexity of firewalls design and usability issues in two main classes. First there is user interfaces, there are notable reasons which ambiguity in information or sometimes lack of concerning user faults and their incapability of knowledge when the users should make decision on implementing and managing different aspects of security issues. Second, poor user interfaces which firewalls. Carelessness and misuse can be the result in security alerts ignorance. As a solution to biggest threat to any security system anywhere [19]. this problem, firewall designer can fortify the It is worth mentioning that improper use of quality of information through the results from security system can be more detrimental than usability testing with end users. Moreover, it can be relinquish the use of them. The false illustration of a good practice to involve usability experts in design security that inspired by a misconfigured firewall process. makes users behave like they are fully secured, while they are treated with the same risks. Personal IV. FIREWALL FINGERPRINTING firewall are imposed more to misconfiguration, Vulnerabilities mentioned in the previous since the knowledge for implementing firewall in section both in hardware and software firewalls the safe manner may go beyond the capability of along with other vulnerabilities caused by flaws and common users. shortcomings that may exist in some specific models The following are the common vulnerabilities of different firewall brands are more probable to be associated with misconfigurations of the firewalls exploited by attackers if they can acquire enough [9]: information about the employed firewall in a • ICMP allowed, e.g., the firewall can be pinged; computer network. • Denial rather than drop the traffic to ports which are blocked by the firewall. This provides the Regarding to the fact that firewalls are attacker with additional information, or improves usually positioned in a network so that they are the speed of the attacker’s port scan; invisible to the users, the identification of them to • Misconfiguration that allows a TCP pings of explode their vulnerabilities to do a successful internal hosts with Internet-routable IP addresses attack is dramatically complicated. To launch a (e.g., in-bound TCP 80 is not restricted to the web successful attack, the first step that the attacker server) should take is fingerprinting, i.e., finding the • Trust of certain IP addresses firewall implementation, encompassing the brand • Availability of extra/unnecessary services on name, software/firmware version, etc. Providing the firewall that we figure out all possible ways that attackers • Unnecessarily open TCP and UDP ports employ to fingerprint a firewall, we will be able to design required countermeasures accordingly. As mentioned before a part of misconfigurations are related to some other A recent research conducted by Amir R. important issues such as configuring inattentively. Khakpour et al. presents a set of techniques that For instance when the program needs to be acquire some basic information about firewalls configured, occasionally it may happen that the using the processing time of each inquiry packet and users are tired of responding to many questions and can be employed to find firewall implementation. perfunctorily switch off the security warnings. By precisely measuring packet processing time, it is These kinds of problems take place because of poor possible to fingerprint firewalls to figure out the usability in personal firewalls. Poor usability of a type of packet classification algorithms, sensitivity security system can have severe aftereffects as are of firewall performance to traffic load, and other mentioned in several articles. According to Bander characteristics. They proposed some ways to Alfayyadh et al. [19], usability of personal firewalls identify the firewall characteristics that are is especially important and interesting to study announced by firewall implementations. Even because most of the personal firewall users have though the firewall is designed like a black box, little information about security issues. They have attackers can misuse vulnerabilities of these kinds of shown that the main problems arose in personal firewalls from their characteristics that are precisely computer are due to the poor usability that identified to launch effective attacks. They accordingly result in security vulnerabilities. It is presented two methods for deducting firewall 589 | P a g e
  • 6. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 implementation using these characteristics. The first [2] Cisco Firewall Services Module DoS method is concerned with firewall decision while vulnerability, receiving a sequence of TCP packets that carry http://www.netsecurity.org/secworld.php?i unusual flags; the second method is based on d=10673, 2011. machine learning techniques [20]. By using these [3] J. Craig Lowery , Computer System methods they could acquire relatively accurate data Security: A Primer, March 2002, about the firewalls and could successfully http://www.craiglowery.com/pres/Compute fingerprint the three different types of firewalls, r%20System%20Security- both software and hardware, which they had used %20A%20Primer.pdf for this project. [4] W. Geng, S. Flinn, and J. DcDeourek, Usable firewall The results of their work show that firewall configuration, Proc. 3rd Annual Conference fingerprinting can become a serious issue that on Privacy, Security and Trust, Institute causes exposure of firewall vulnerabilities and of information technology, national should be taken into consideration simultaneously research council Canada, 2005. along with making effort to mitigate firewalls [5] Ghiran, A.M., Silaghi, G.C., and Tomai N., vulnerabilities. Ontology based tools for automating integration V. CONCLUSION and validation of firewall rules, Proc. of The classification of firewall vulnerabilities 12th international conference on Business which is presented in this paper along with the Information Systems, Poland, 2009, 37-48. mentioned existing solutions can be a helpful [6] V.M. Boncheva, A Short Survey of guideline for researchers who aim to enhance the Intrusion Detection Systems, Problems of security of firewalls and also can give them a clear Engineering Cybernetics and Robotics, 58, and precise perspective of existing problems in this 2007. field. [7] V. Zaliva, Firewall Policy Modeling, Analysis and Simulation: a Survey , Integrating the capabilities of firewalls and 2010. IDS and also fortifying the protection level of [8] S. Beg, U. Naru, M. Ashraf, and S. personal firewalls from hardware perspective still Mohsin, Feasibility of Intrusion Detection can be potential fields for future researches. System with High Performance Regarding this study on existing types of Computing: A Survey, IJACS, December vulnerabilities and also defense models in firewalls, 2010 . a unified model which takes benefit from the [9] S. Kamara, S. Fahmy, E. Schultz, F. strength points of different solutions and Kerschbaum, and M. Frantzen, Analysis of accordingly mitigate the vulnerabilities of the Vulnerabilities in Internet Firewalls, models to maximize the robustness of security and CERIAS. protection capability of network may be a good [10] C. Colwill, Human factors in information solution. Although integrating various models in a security: The insider threat - Who can you system may cause some conflicts and have inverse trust these days?, Information Security effects, still there would be a potential area for Technical Report. 2010, 14(4), 186-196. further research to propose an integrated model that [11] Z. A. Shaikh and F. Ahmed, Disarming brings more security. Moreover, not only practical Firewall, Proc. International Conference solutions to improve the security in firewalls on Information and Emerging through mitigating their vulnerabilities should be Technologies, ICIET, 2010. carefully followed, but also in the meanwhile, [12] J. Li, P. L. Reiher, and G. J. Popek. conducting a research for finding countermeasures Resilient Self-Organizing Overlay to prevent firewalls from being fingerprinted by Networks for Security Update Delivery. attackers should be taken into consideration, since IEEE Journal on Selected Areas in firewall fingerprinting increases the probability of Communications (JSAC), January 2004 exposure of vulnerabilities to the security attacks. [13] S. loannidis, A. D. Keromytis, S. M. Bellovin, and 1. M. Smith, Implementing a REFERENCES distributed firewall, Proc. 7th ACM Conj. [1] R. Bace, An Introduction to Intrusion Computer and communications security, Detection and Assessment for System Athens, 2000. and network security Management, [14] V. Ramsurrun and K. M. S. Soyjaudah, A ICSA, Inc Stateful CSG-based Distributed Firewall http://www.icsalabs.com/icsa/docs/html/co Architecture for Robust Distributed mmunities/ids/whitepaper/Intrusion1.pdf. Security, UoM. 590 | P a g e
  • 7. Iman Kashefi, Maryam Kassiri, Ali Shahidinejad / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 2, March -April 2013, pp.585-591 [15] Zh. Lili and C. Tian-jie. Intrusion Detection Based on Intelligence and Collaboration Technology Computer, 2008, 24 (2): 66-68. [16] Zh. Tao-gai and L. Ke, A New Design of Linkage Based on IDS, Henan Institute of Engineering (Natural Science), Vol • 21, No • 3 Sep. 2009. [17] Zh. Zhong-hui and C. Jia-qing, Intrusion Prevention System Based on Linkage Mechanism Computer age, 2006, (7) :28- 29 [18] R. Chiong and S. Dhakal, On the Insecurity of Personal Firewall , IEEE, 2008. [19] B. Alfayyadh, A. Jøsang, M. Alzomai and J. Ponting, Vulnerabilities in Personal Firewalls Caused by Poor Security Usability , IEEE, 2010 [20] A. R. Khakpour et al. , “Firewall Fingerprinting”, 2012 Proceeding IEEE INFOCAM, 2012 591 | P a g e