What's New
  • Feb 07, 2023 News!JACN will adopt Article-by-Article Work Flow. The benefit of article-by-article workflow is that a delay with one article may not delay the entire issue. Once a paper steps into production, it will be published online soon.   [Click]
  • May 30, 2022 News!JACN Vol.10, No.1 has been published with online version.   [Click]
  • Dec 24, 2021 News!Volume 9 No 1 has been indexed by EI (inspec)!   [Click]
General Information
    • ISSN: 1793-8244 (Print)
    • Abbreviated Title:  J. Adv. Comput. Netw.
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Professor Haklin Kimm
    • Executive Editor: Ms. Cherry Chan
    • Abstracting/ Indexing: EBSCO, ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
Editor-in-chief
Professor Haklin Kimm
East Stroudsburg University, USA
I'm happy to take on the position of editor in chief of JACN. We encourage authors to submit papers on all aspects of computer networks.

HOME > Archive > 2015 > Volume 3 Number 1 (Mar. 2015) >
JACN 2015 Vol.3(1): 67-74 ISSN: 1793-8244
DOI: 10.7763/JACN.2015.V3.144

An Approach for Improving Performance of a Packet Filtering Firewall Based on Fuzzy Petri Net

Ali A. Ali, Saad M. Darwish, and Shawkat K. Guirguis

Abstract—With the rapid development of Internet, the security of networks becomes an important issue today and monitoring network traffic is necessary for realizing different purposes such as system performance, network debugging and/or information security. As a major measure to implement enterprise security, firewall technique ensures the security of local networks. Traditional firewall technologies have their own weaknesses in architecture, configuration, monitoring and management that affect to firewall performance. Furthermore, it lacks to deal with vague and uncertainty associated with filtering packets from outside. Architecture of a new kind of firewall, intelligence firewall is presented in this paper. The main contribution is to utilize Fuzzy Petri Net as a tool for modeling discrete event systems characterized by an imprecise knowledge. The graphical power of Petri Nets makes the packet filtering model easy to design, test, improve and maintain. Another contribution is to present 2-level fuzzy filtering algorithm to enhance ordering of filtering rules list that permits us to model the dynamic behavior of monitoring system concerning uncertainty associated with packet filtering. Experimental results for local network are given, which show the effectiveness of the suggested approach and demonstrate the enhancement of the firewall sensitivity against the risk coming from network traffics.

Index Terms—Firewall, fuzzy petri net, packet filtering, access control list (ACL).

Ali A. Ali is with Iraqi Commission for Computers and Informatics, Department of Computer, Ministry of Higher education and Scientific Research, Iraq (e-mail: ali_rq88@yahoo.com).
Saad M. Darwish and Shawkat K. Guirguis are with the Department of Information Technology, Institute of Graduate Studies and Research, Alexandria University, 163 Horreya Avenue, El-Shatby 21526, P.O. Box 832, Alexandria, Egypt (e-mail: saad.saad@alexu.edu.eg, Shawkat_g@yahoo.com).

[PDF]

Cite:Ali A. Ali, Saad M. Darwish, and Shawkat K. Guirguis, "An Approach for Improving Performance of a Packet Filtering Firewall Based on Fuzzy Petri Net," Journal of Advances in Computer Networks vol. 3, no. 1, pp. 67-74, 2015.

PREVIOUS PAPER
Differentiating Parameters for Selecting Simple Object Access Protocol (SOAP) vs. Representational State Transfer (REST) Based Architecture
NEXT PAPER
Domain Specific Cyber Forensic Investigation Process Model
Copyright © 2008-2024. Journal of Advances in Computer Networks.  All rights reserved.
E-mail: jacn@ejournal.net