1 / 16

Diverse Firewall Design

Diverse Firewall Design. Alex X. Liu The University of Texas at Austin, U.S.A. July 1, 2004 Co-author: Mohamed G. Gouda. Firewall. It is a sequence of rules to decide to accept or discard any packet. Example: packet(F1, F2). Firewall Design is error-prone.

gordy
Download Presentation

Diverse Firewall Design

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Diverse Firewall Design Alex X. Liu The University of Texas at Austin, U.S.A. July 1, 2004 Co-author:Mohamed G. Gouda

  2. Firewall • It is a sequence of rules to decide to accept or discard any packet. • Example: packet(F1, F2) • Firewall Design is error-prone. The University of Texas at Austin

  3. How to reduce firewall design errors? • Solution: Diverse Firewall Design • Motived by N-version programming (Avizienis 1977) and back-to-back testing (Vouk 1988) • Differ from N-version programming: only one version deployed • Differ from back-to-back testing: all discrepancies discovered The University of Texas at Austin

  4. Diverse Firewall Design • Design phase: Same specification given to multiple teams to design firewalls • Comparison phase: Compare multiple firewalls to discover all discrepancies The University of Texas at Austin

  5. How to compare two firewalls? • Step 1: construct an equivalent ordered FDD for each firewall • Step 2: make two ordered FDDs semi-isomorphic • Step 3: compare two semi-isomorphic FDDs for discrepancies The University of Texas at Austin

  6. Firewall Decision Diagram (FDD) • Consistency: labels of any two siblings are non-overlapping • Completeness: union of labels of all siblings is the domain of the field F1 [31,100] [1,30] F2 F2 [1,40] [21,100] [41,100] [1,20] a d a d The University of Texas at Austin

  7. Step 1 • Construct an equivalent ordered FDD for each firewall • (An FDD is ordered if the labels along every path in the FDD are consistent with the same total order.) The University of Texas at Austin

  8. Applying Step 1 (2) (1) F1 F1 [1,30] [1,30] F2 F2 [21,100] [1,20] [1,20] a a d (3) (4) F1 F1 [31,100] [31,100] [1,30] [1,30] F2 F2 F2 F2 [21,100] [21,100] [1,20] [1,40] [1,20] [41,100] [1,40] a d a d a a d The University of Texas at Austin

  9. Step 2 • Make two ordered FDDs semi-isomorphic • Semi-isomorphic FDDs: exactly same except labels of terminal nodes • Example: make these FDDs semi-isomorphic F1 F1 [51,100] [31,100] [1,30] [1,50] F2 F2 F2 d [21,100] [1,40] [41,100] [61,100] [1,20] [1,60] a d a d a d The University of Texas at Austin

  10. Applying Step 2: F1 F1 [51,100] [31,100] [1,30] [1,50] F2 F2 F2 d [1,40] [21,100] [41,100] [61,100] [1,20] [1,60] a d a d a d F1 F1 [1,30] [1,30] [51,100] [51,100] [31,50] [31,50] F2 F2 F2 d [21,100] [61,100] [1,20] [1,40] [41,100] [1,60] F2 F2 [41,100] [61,100] [1,40] [1,60] a d a d a d a d a d The University of Texas at Austin

  11. Results of Step 2 F1 [1,30] [51,100] [31,50] F2 F2 F2 [61,100] [61,100] [41,100] [1,20] [1,40] [1,40] [41,60] [21,60] a d d a d d a d F1 [1,30] [51,100] [31,50] F2 F2 F2 [61,100] [61,100] [41,100] [1,20] [1,40] [1,40] [41,60] [21,60] a a d a a d d d The University of Texas at Austin

  12. Step 3: • Compare two semi-isomorphic FDDs for discrepancies The University of Texas at Austin

  13. Applying Step 3: F1 [1,30] [51,100] [31,50] F2 F2 F2 [61,100] [61,100] [41,100] [1,20] [1,40] [1,40] [41,60] [21,60] a d a d d d a d F1 [1,30] [51,100] [31,50] F2 F2 F2 [61,100] [61,100] [1,20] [1,40] [1,40] [41,100] [41,60] [21,60] a d a d a a d d The University of Texas at Austin

  14. Example • 1. Design A of firewall: • 2. Design B of firewall: • 3. Comparison: F1 [51,100] [1,50] F2 d [61,100] [1,60] a d The University of Texas at Austin

  15. Experimental Results • Three algorithms implemented in Java JDK 1.4 • Experiments carried out on SunBlade 2000 (OS: Solaris 9, CPU:1Ghz , memory: 1 GB) The University of Texas at Austin

  16. Conclusions • Three contributions: • Propose diverse firewall design method • Present a suite of algorithms to enable diverse firewall design • FDD Construction Algorithm • FDD Shaping Algorithm • FDD Comparison Algorithm method • FDD construction algorithm can be used to convert a conflict infested firewall to a conflict free firewall The University of Texas at Austin

More Related