• Jul 03, 2017 News!JACN Vol.4, No.2 has been indexed by EI (inspec)!   [Click]
  • Jul 12, 2017 News!JACN Vol.5, No.1 has been published with online version.
  • Jul 03, 2017 News!Welcome to join in the 2017 8th International Conference on Networking and Information Technology (ICNIT 2017), which will be held in Penang, Malaysia during November 24-26, 2017.
General Information
    • ISSN: 1793-8244
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Nina Lee
    • Abstracting/ Indexing: EI (INSPEC, IET), Engineering & Technology Digital Library, DOAJ, Electronic Journals Library, Ulrich's Periodicals Directory, International Computer Science Digital Library (ICSDL), ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
Editor-in-chief
Dr. Ka Wai Gary Wong
Division of Information and Technology Studies, Faculty of Education, The University of Hong Kong.
It's a honor to serve as the editor-in-chief of JACN. I'll work together with the editors and reviewers to help the journal progress
JACN 2015 Vol.3(1): 67-74 ISSN: 1793-8244
DOI: 10.7763/JACN.2015.V3.144

An Approach for Improving Performance of a Packet Filtering Firewall Based on Fuzzy Petri Net

Ali A. Ali, Saad M. Darwish, and Shawkat K. Guirguis
Abstract—With the rapid development of Internet, the security of networks becomes an important issue today and monitoring network traffic is necessary for realizing different purposes such as system performance, network debugging and/or information security. As a major measure to implement enterprise security, firewall technique ensures the security of local networks. Traditional firewall technologies have their own weaknesses in architecture, configuration, monitoring and management that affect to firewall performance. Furthermore, it lacks to deal with vague and uncertainty associated with filtering packets from outside. Architecture of a new kind of firewall, intelligence firewall is presented in this paper. The main contribution is to utilize Fuzzy Petri Net as a tool for modeling discrete event systems characterized by an imprecise knowledge. The graphical power of Petri Nets makes the packet filtering model easy to design, test, improve and maintain. Another contribution is to present 2-level fuzzy filtering algorithm to enhance ordering of filtering rules list that permits us to model the dynamic behavior of monitoring system concerning uncertainty associated with packet filtering. Experimental results for local network are given, which show the effectiveness of the suggested approach and demonstrate the enhancement of the firewall sensitivity against the risk coming from network traffics.

Index Terms—Firewall, fuzzy petri net, packet filtering, access control list (ACL).

Ali A. Ali is with Iraqi Commission for Computers and Informatics, Department of Computer, Ministry of Higher education and Scientific Research, Iraq (e-mail: ali_rq88@yahoo.com).
Saad M. Darwish and Shawkat K. Guirguis are with the Department of Information Technology, Institute of Graduate Studies and Research, Alexandria University, 163 Horreya Avenue, El-Shatby 21526, P.O. Box 832, Alexandria, Egypt (e-mail: saad.saad@alexu.edu.eg, Shawkat_g@yahoo.com).

[PDF]

Cite:Ali A. Ali, Saad M. Darwish, and Shawkat K. Guirguis, "An Approach for Improving Performance of a Packet Filtering Firewall Based on Fuzzy Petri Net," Journal of Advances in Computer Networks vol. 3, no. 1, pp. 67-74, 2015.

Copyright © 2008-2017. Journal of Advances in Computer Networks.  All rights reserved.
E-mail: jacn@ejournal.net