Queuing analysis of network firewalls

K. Salah

doi:10.1109/GLOCOM.2010.5684053

Queuing analysis of network firewalls

K. Salah

Computer & Communication Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

9 Scopus citations

Abstract

Network firewalls act as the first line of defense against unwanted and malicious traffic targeting private networks connected to the Internet. Predicting the overall firewall performance, especially under attack, becomes crucial to network security engineers and designers in assessing how affective and tolerable a network firewall is, thereby be able to sustain the availability of network services. In this paper, we present an analytical queueing model based on the embedded Markov chain to study and analyze the performance of rule-based firewalls when subjected to normal and DoS attacks. We derive equations for key features and performance measures of engineering and design significance. In addition, we validate our analytical model against real experimental measurements.

Original language	British English
Title of host publication	2010 IEEE Global Telecommunications Conference, GLOBECOM 2010
DOIs	https://doi.org/10.1109/GLOCOM.2010.5684053
State	Published - 2010
Event	53rd IEEE Global Communications Conference, GLOBECOM 2010 - Miami, FL, United States Duration: 6 Dec 2010 → 10 Dec 2010

Publication series

Name	GLOBECOM - IEEE Global Telecommunications Conference

Conference

Conference	53rd IEEE Global Communications Conference, GLOBECOM 2010
Country/Territory	United States
City	Miami, FL
Period	6/12/10 → 10/12/10

Keywords

Network firewalls
Performance modeling and analysis
Queueing systems

Access to Document

10.1109/GLOCOM.2010.5684053

Cite this

@inproceedings{bf716c22c2b94b0aa26fd520c212d028,

title = "Queuing analysis of network firewalls",

abstract = "Network firewalls act as the first line of defense against unwanted and malicious traffic targeting private networks connected to the Internet. Predicting the overall firewall performance, especially under attack, becomes crucial to network security engineers and designers in assessing how affective and tolerable a network firewall is, thereby be able to sustain the availability of network services. In this paper, we present an analytical queueing model based on the embedded Markov chain to study and analyze the performance of rule-based firewalls when subjected to normal and DoS attacks. We derive equations for key features and performance measures of engineering and design significance. In addition, we validate our analytical model against real experimental measurements.",

keywords = "Network firewalls, Performance modeling and analysis, Queueing systems",

author = "K. Salah",

year = "2010",

doi = "10.1109/GLOCOM.2010.5684053",

language = "British English",

isbn = "9781424456383",

series = "GLOBECOM - IEEE Global Telecommunications Conference",

booktitle = "2010 IEEE Global Telecommunications Conference, GLOBECOM 2010",

note = "53rd IEEE Global Communications Conference, GLOBECOM 2010 ; Conference date: 06-12-2010 Through 10-12-2010",

}

TY - GEN

T1 - Queuing analysis of network firewalls

AU - Salah, K.

PY - 2010

Y1 - 2010

N2 - Network firewalls act as the first line of defense against unwanted and malicious traffic targeting private networks connected to the Internet. Predicting the overall firewall performance, especially under attack, becomes crucial to network security engineers and designers in assessing how affective and tolerable a network firewall is, thereby be able to sustain the availability of network services. In this paper, we present an analytical queueing model based on the embedded Markov chain to study and analyze the performance of rule-based firewalls when subjected to normal and DoS attacks. We derive equations for key features and performance measures of engineering and design significance. In addition, we validate our analytical model against real experimental measurements.

AB - Network firewalls act as the first line of defense against unwanted and malicious traffic targeting private networks connected to the Internet. Predicting the overall firewall performance, especially under attack, becomes crucial to network security engineers and designers in assessing how affective and tolerable a network firewall is, thereby be able to sustain the availability of network services. In this paper, we present an analytical queueing model based on the embedded Markov chain to study and analyze the performance of rule-based firewalls when subjected to normal and DoS attacks. We derive equations for key features and performance measures of engineering and design significance. In addition, we validate our analytical model against real experimental measurements.

KW - Network firewalls

KW - Performance modeling and analysis

KW - Queueing systems

UR - http://www.scopus.com/inward/record.url?scp=79551649961&partnerID=8YFLogxK

U2 - 10.1109/GLOCOM.2010.5684053

DO - 10.1109/GLOCOM.2010.5684053

M3 - Conference contribution

AN - SCOPUS:79551649961

SN - 9781424456383

T3 - GLOBECOM - IEEE Global Telecommunications Conference

BT - 2010 IEEE Global Telecommunications Conference, GLOBECOM 2010

T2 - 53rd IEEE Global Communications Conference, GLOBECOM 2010

Y2 - 6 December 2010 through 10 December 2010

ER -

Queuing analysis of network firewalls

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this