Abstract
This article continues a series of works devoted to evaluating the probabilistic-temporal characteristics of firewalls when ranking (reordering) a filtration rule set. It considers the decrease in information-flow filtering efficiency that arises from the sequential scheme for checking packets against the rules, together with the heterogeneity and variability of network traffic. A non-optimal rule order in a high-dimensional list significantly affects firewall performance and can cause considerable delay and variation in packet service time, which matters most for the stable operation of multimedia protocols. One way to prevent this loss of performance is to rank the rule set according to the characteristics of the incoming information flows. The problems solved in this work are: determining and analysing the average filtering time for the traffic of the main transmission networks, and assessing the effectiveness of ranking the rules. A method for ranking a filtration rule set is proposed, and a queuing system (QS) with a complex request service discipline is built. The order in which requests are processed in the system is described; it covers the operations performed on incoming packets and the logical structure of the filtration rule set, which are the elements of information-flow processing in the firewall. This level of detail is not complete, but it is sufficient for building a model. The QS characteristics are obtained by simulation modelling in the Simulink environment of the MATLAB matrix computing system. Based on an analysis of the results, conclusions are drawn about the possibility of increasing firewall performance by ranking the filtration rules for traffic scenarios close to real ones.
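The mechanism the abstract describes, a sequential first-match rule check whose per-packet cost depends on where the matching rule sits in the list, can be made concrete with a small model. The following is an added example written for this page, not code from the article (which uses a Simulink/MATLAB queuing model): it counts rule comparisons per packet as a proxy for service time, ranks the rules by observed hit frequency, and, the check a practitioner needs before deploying any reordering, keeps the relative order of rules that can match the same packet so that the filtering decision is unchanged. The rule set, the traffic mix and the hypothetical rule names are constructed for illustration; the percentage they produce is not the article's 20–29% figure.

```python
"""Ranking a first-match rule list by observed traffic.

Added example, not code from the article: models the sequential rule check
as a linear scan and uses the mean number of rule comparisons per packet as
a proxy for the per-packet service time the article models in its queuing
system. Rules whose match sets overlap keep their relative order when
ranked, so the decision for every packet is unchanged. The rule set and
traffic mix below are constructed for illustration.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    name: str
    proto: Optional[str]  # None matches any protocol
    dport: Optional[int]  # None matches any destination port
    action: str

    def matches(self, proto: str, dport: int) -> bool:
        return self.proto in (None, proto) and self.dport in (None, dport)

    def overlaps(self, other: "Rule") -> bool:
        # Some packet can match both rules iff every field is compatible.
        return (self.proto is None or other.proto is None or self.proto == other.proto) and \
               (self.dport is None or other.dport is None or self.dport == other.dport)


# Constructed rule set in its initially configured (non-optimal) order.
RULES = [
    Rule("ssh-in", "tcp", 22, "allow"),
    Rule("smtp-in", "tcp", 25, "allow"),
    Rule("dns", "udp", 53, "allow"),
    Rule("http", "tcp", 80, "allow"),
    Rule("https", "tcp", 443, "allow"),
    Rule("sip", "udp", 5060, "allow"),
    Rule("udp-other", "udp", None, "deny"),  # must stay after dns and sip
    Rule("default", None, None, "deny"),     # overlaps everything: stays last
]

# Constructed traffic mix: (proto, dport, packet count).
TRAFFIC_MIX = [("tcp", 443, 400), ("udp", 5060, 300), ("tcp", 80, 150),
               ("udp", 53, 100), ("udp", 4000, 30), ("tcp", 22, 10),
               ("tcp", 25, 5), ("tcp", 9999, 5)]


def packets(mix=TRAFFIC_MIX):
    """Expand the mix into individual (proto, dport) packets."""
    return [(p, d) for p, d, n in mix for _ in range(n)]


def filter_packet(rules, proto, dport):
    """Sequential first-match check; returns (action, comparisons made)."""
    for i, rule in enumerate(rules, start=1):
        if rule.matches(proto, dport):
            return rule.action, i
    return "deny", len(rules)  # implicit default when nothing matches


def mean_comparisons(rules, pkts):
    return sum(filter_packet(rules, p, d)[1] for p, d in pkts) / len(pkts)


def decisions(rules, pkts):
    return [filter_packet(rules, p, d)[0] for p, d in pkts]


def rank_rules(rules, pkts):
    """Greedy ranking by hit count that preserves the order of overlapping rules.

    Hits are attributed under the current order (first match wins). A rule
    may move ahead of another only if the two cannot match the same packet,
    so the ranked list is decision-equivalent to the original.
    """
    hits = Counter()
    for p, d in pkts:
        for rule in rules:
            if rule.matches(p, d):
                hits[rule.name] += 1
                break
    # must_follow[i]: indices of earlier rules that rule i overlaps with
    must_follow = {i: {j for j in range(i) if rules[i].overlaps(rules[j])}
                   for i in range(len(rules))}
    placed, order = set(), []
    while len(order) < len(rules):
        ready = [i for i in range(len(rules))
                 if i not in placed and must_follow[i] <= placed]
        # Highest hit count first; ties keep the original relative order.
        best = max(ready, key=lambda i: (hits[rules[i].name], -i))
        placed.add(best)
        order.append(rules[best])
    return order


if __name__ == "__main__":
    pkts = packets()
    ranked = rank_rules(RULES, pkts)
    before, after = mean_comparisons(RULES, pkts), mean_comparisons(ranked, pkts)
    assert decisions(RULES, pkts) == decisions(ranked, pkts)
    print("ranked order:", [r.name for r in ranked])
    print(f"mean comparisons/packet: {before:.2f} -> {after:.2f} "
          f"({100 * (before - after) / before:.0f}% fewer)")
```

On this constructed mix the scan drops from 4.97 to 2.135 comparisons per packet while every packet keeps its original allow/deny decision. The `udp-other` rule cannot jump ahead of `dns` or `sip` even though it is hit more often than `ssh-in`, and the catch-all `default` stays last; without that constraint a frequency-only sort would change the policy. The greedy pass is a heuristic: it is cheap to recompute as the traffic mix drifts, but it is not guaranteed to find the optimal order under these precedence constraints.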
Highlights
Introduction: In order to ensure information security of automated systems (AS) that have connections to external untrusted resources, we have to pay attention
The firewall model is presented as a queuing system (QS) whose request service duration has a distribution function (DF) $B_k(t)$ that depends on the order of the filtration rules on the time interval $[t_{k-1}, t_k)$
The QS with a complex request service discipline, together with the simulation methods, allowed us to obtain estimates of firewall performance when ranking a rule set. These estimates show that, for the traffic of the main transmission networks, ranking increased firewall performance by 20–29% compared with filtering the same traffic without ranking
Summary
In order to ensure information security of automated systems (AS) that have connections to external untrusted resources, we have to pay attention. The main firewall technology is filtering network traffic according to a rule set. Real network traffic is heterogeneous because of various non-parameterizable factors, which can reduce the effectiveness of a static filtration rule set configured once at the outset. Ranking the rule set in accordance with the characteristics of the information flows is therefore a relevant and in-demand task, especially for firewalls that protect AS with a complex network architecture and large volumes of network traffic. The main goal of this work is to develop a model for evaluating firewall performance when ranking the filtration rule set.