Source: “A novel genetic algorithm approach for firewall policy optimization”, Paper, https://ceur-ws.org/Vol-3260/paper17.pdf
Abstract
Exceeding the performance limits of current application filtering systems, both in speed and in the versatility needed to support sophisticated filtering policies, is a highly topical issue in cybersecurity. Systems built for a specific use are fast but offer limited filtering functions; on the other hand, systems that adopt richer policy semantics fail to meet performance requirements in terms of speed.
This work proposes a novel mechanism for the optimal ordering of the filtering rules of a firewall, so as to reduce the number of times each rule is evaluated per packet and thus improve processing time as well as the speed of the filtering action.
The proposed approach uses a genetic algorithm and combines two heuristics for managing mutually dependent rules, that is, rules whose relative order cannot be changed without altering the decisions the policy makes.
The results are encouraging in terms of both performance and timing.
Introduction
The packet filtering operation of a Firewall (FW) may require high computation times, which grow as the complexity of the implemented Security Policy (SP) increases. This is particularly disadvantageous in scenarios in which fast communication must be guaranteed, for example on Gigabit Ethernet networks, and in the worst case leaves the system susceptible to Denial of Service (DoS) attacks.
Attacks of this type exploit the high latency of systems whose processing time is not optimal. It is therefore necessary first to remove the anomalies present in an SP, using the most common techniques, well argued and proposed by the authors of
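The following added example is illustrative code written for this page, not the paper's implementation (whose two heuristics are not described here). It puts the abstract's ordering problem and the anomaly clean-up called for above into one runnable model: a small first-match rule set with a constructed traffic mix, detection of shadowed and redundant rules, extraction of the order dependencies between overlapping rules with different actions, and a genetic algorithm over rule permutations in which every candidate is repaired so that those dependencies hold. The rule set, traffic counts, GA parameters and the Kahn-style repair step are all assumptions made for the example.

```python
# Added example: first-match rule ordering with anomaly removal and a GA (not the paper's code).
# Work per packet = index of the first matching rule, so frequently hit rules belong near the
# top, but two overlapping rules with different actions must keep their relative order.
import random

# Rule = (name, src_lo, src_hi, dport_lo, dport_hi, action); the source is one integer octet.
RULES = [
    ("allow-dns",       0, 255,  53,    53, "ACCEPT"),
    ("deny-admin-ssh",  0,  15,  22,    22, "DROP"),
    ("allow-ssh",       0, 255,  22,    22, "ACCEPT"),
    ("deny-telnet",     0, 255,  23,    23, "DROP"),
    ("allow-web",       0, 255,  80,    80, "ACCEPT"),
    ("allow-web-dup",  10,  20,  80,    80, "ACCEPT"),  # redundant: inside allow-web, same action
    ("drop-ssh-lab",  100, 110,  22,    22, "DROP"),    # shadowed: inside allow-ssh, other action
    ("allow-https",     0, 255, 443,   443, "ACCEPT"),
    ("deny-all",        0, 255,   0, 65535, "DROP"),
]
# Constructed traffic sample: (count, (src, dport)); web traffic dominates.
PACKETS = [(500, (42, 80)), (300, (42, 443)), (50, (200, 22)), (20, (5, 22)),
           (10, (42, 53)), (5, (42, 23)), (15, (42, 8080))]

def matches(r, pkt):
    return r[1] <= pkt[0] <= r[2] and r[3] <= pkt[1] <= r[4]

def overlaps(a, b):  # some packet matches both rules
    return a[1] <= b[2] and b[1] <= a[2] and a[3] <= b[4] and b[3] <= a[4]

def contains(a, b):  # every packet matching b also matches a
    return a[1] <= b[1] and b[2] <= a[2] and a[3] <= b[3] and b[4] <= a[4]

def find_anomalies(rules):
    """Later rule fully covered by an earlier one: 'redundant' (same action) or 'shadowed'."""
    return [("redundant" if rules[i][5] == rules[j][5] else "shadowed", i, j)
            for i in range(len(rules)) for j in range(i + 1, len(rules))
            if contains(rules[i], rules[j])]

def remove_anomalies(rules):
    dead = {j for _, _, j in find_anomalies(rules)}
    return [r for k, r in enumerate(rules) if k not in dead]

def dependencies(rules):
    """Pairs (a, b): a must stay before b, or some packet would get a different verdict."""
    return {(a, b) for a in range(len(rules)) for b in range(a + 1, len(rules))
            if rules[a][5] != rules[b][5] and overlaps(rules[a], rules[b])}

def decision(order, rules, pkt, default="DROP"):
    return next((rules[i][5] for i in order if matches(rules[i], pkt)), default)

def evaluations(order, rules, packets):
    """Total rule evaluations needed to classify the sample (an unmatched packet costs len(order))."""
    total = 0
    for count, pkt in packets:
        n = next((pos + 1 for pos, i in enumerate(order) if matches(rules[i], pkt)), len(order))
        total += count * n
    return total

def is_valid(order, deps):
    pos = {i: p for p, i in enumerate(order)}
    return all(pos[a] < pos[b] for a, b in deps)

def repair(order, deps):
    """Kahn-style topological sort that follows the candidate's order among the ready rules."""
    preds = {i: {a for a, b in deps if b == i} for i in order}
    placed, result = set(), []
    while len(result) < len(order):
        nxt = next(i for i in order if i not in placed and preds[i] <= placed)
        placed.add(nxt)
        result.append(nxt)
    return result

def order_crossover(p1, p2, rng):
    """OX crossover: keep a slice of p1, fill the remaining rules in p2's order."""
    n = len(p1)
    i, j = sorted(rng.sample(range(n), 2))
    child = [None] * n
    child[i:j] = p1[i:j]
    fill = [g for g in p2 if g not in child]
    return [fill.pop(0) if g is None else g for g in child]

def optimize(rules, packets, seed=1, pop_size=30, generations=60, mutation=0.2):
    """Genetic search over permutations; every candidate is repaired to respect dependencies."""
    rng, deps, n = random.Random(seed), dependencies(rules), len(rules)
    cost = lambda o: evaluations(o, rules, packets)
    population = [list(range(n))]  # seed with the deployed order so the result is never worse
    while len(population) < pop_size:
        population.append(repair(rng.sample(range(n), n), deps))
    for _ in range(generations):
        population.sort(key=cost)
        parents, children = population[:pop_size // 2], [population[0]]  # elitism
        while len(children) < pop_size:
            child = order_crossover(*rng.sample(parents, 2), rng)
            if rng.random() < mutation:
                a, b = rng.sample(range(n), 2)
                child[a], child[b] = child[b], child[a]
            children.append(repair(child, deps))
        population = children
    best = min(population, key=cost)
    return best, cost(best)
```

Typical use is `cleaned = remove_anomalies(RULES)` followed by `optimize(cleaned, PACKETS)`; on the constructed sample the deployed order of the cleaned rule set costs 4625 evaluations, and the returned order is both cheaper and decision-equivalent for every packet, because the repair step never lets an ACCEPT rule move past an overlapping DROP rule (or vice versa). In a real deployment the traffic counts would come from hit counters or logs, and the repair step is what makes the reordering safe to apply.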