Information game of public firewall rules

Qi Liao; Zhen Li; Aaron Striegel

doi:10.1109/NPSEC.2009.5342253

Information game of public firewall rules

Qi Liao, Zhen Li, Aaron Striegel

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the ruleset makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of distributed applications where private rules increase the difficulty of troubleshooting. We argue that the enforcement of the policy is the key, not the secrecy of the policy itself. In this paper, we demonstrate through the application of game theory that public firewall rules when coupled with false information (lying) are not only viable but actually better.

Original language	English
Title of host publication	5th IEEE Workshop on Secure Network Protocols, NPSEC'09
Pages	25-30
Number of pages	6
DOIs	https://doi.org/10.1109/NPSEC.2009.5342253
State	Published - 2009
Event	5th IEEE Workshop on Secure Network Protocols, NPSEC'09 - Princeton, NJ, United States Duration: Oct 13 2009 → Oct 13 2009

Publication series

Name	5th IEEE Workshop on Secure Network Protocols, NPSEC'09

Conference

Conference	5th IEEE Workshop on Secure Network Protocols, NPSEC'09
Country/Territory	United States
City	Princeton, NJ
Period	10/13/09 → 10/13/09

Access to Document

10.1109/NPSEC.2009.5342253

Cite this

@inproceedings{5d2aeffb537c4d0f870a6786ff401962,

title = "Information game of public firewall rules",

abstract = "Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the ruleset makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of distributed applications where private rules increase the difficulty of troubleshooting. We argue that the enforcement of the policy is the key, not the secrecy of the policy itself. In this paper, we demonstrate through the application of game theory that public firewall rules when coupled with false information (lying) are not only viable but actually better.",

author = "Qi Liao and Zhen Li and Aaron Striegel",

year = "2009",

doi = "10.1109/NPSEC.2009.5342253",

language = "English",

isbn = "9781424448654",

series = "5th IEEE Workshop on Secure Network Protocols, NPSEC'09",

pages = "25--30",

booktitle = "5th IEEE Workshop on Secure Network Protocols, NPSEC'09",

note = "5th IEEE Workshop on Secure Network Protocols, NPSEC'09 ; Conference date: 13-10-2009 Through 13-10-2009",

}

TY - GEN

T1 - Information game of public firewall rules

AU - Liao, Qi

AU - Li, Zhen

AU - Striegel, Aaron

PY - 2009

Y1 - 2009

N2 - Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the ruleset makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of distributed applications where private rules increase the difficulty of troubleshooting. We argue that the enforcement of the policy is the key, not the secrecy of the policy itself. In this paper, we demonstrate through the application of game theory that public firewall rules when coupled with false information (lying) are not only viable but actually better.

AB - Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the ruleset makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of distributed applications where private rules increase the difficulty of troubleshooting. We argue that the enforcement of the policy is the key, not the secrecy of the policy itself. In this paper, we demonstrate through the application of game theory that public firewall rules when coupled with false information (lying) are not only viable but actually better.

UR - http://www.scopus.com/inward/record.url?scp=74549182188&partnerID=8YFLogxK

U2 - 10.1109/NPSEC.2009.5342253

DO - 10.1109/NPSEC.2009.5342253

M3 - Conference contribution

AN - SCOPUS:74549182188

SN - 9781424448654

T3 - 5th IEEE Workshop on Secure Network Protocols, NPSEC'09

SP - 25

EP - 30

BT - 5th IEEE Workshop on Secure Network Protocols, NPSEC'09

T2 - 5th IEEE Workshop on Secure Network Protocols, NPSEC'09

Y2 - 13 October 2009 through 13 October 2009

ER -

Information game of public firewall rules

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this