Firewall Security: Policies, Testing and Performance Evaluation
COMPSAC '00 24th International Computer Software and Applications Conference
Statistical techniques for detecting traffic anomalies through packet header data
IEEE/ACM Transactions on Networking (TON)
Conflict classification and analysis of distributed firewall policies
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
Denial of Service (DoS) attacks are very dangerous as they Consume resources at the network and transport layers. Firewalls are considered as the first line of defence in any network. An attacker may use probing to learn a firewall's policy, and then launch a DoS attack that floods the firewall with traffic targeting the rules at the bottom of this policy. In this paper, we propose a countermeasure that enables the firewall to endure the attack attempts without denying service to legitimate clients. The goal of this work is to use an entropy-based scheme to distinguish between the legitimate and attack traffic. Then, the legitimate traftic will be placed in a queue with a higher priority than the queue holding the attack traffic. The resultS show that the proposed scheme improves on the performance of the firewall under a DoS attack.