Traffic Mining Firewall Logs Could Improve Network Security

A firewall is the safety barrier between a computer network and the outside world. Individuals, companies and large organizations alike rely on a firewall being robust enough to fend off hackers attempting to break into a computer system. However, managing the firewall rules that decide between online friend and foe has proved to be complex, error-prone, expensive, and inefficient for many large-networked organizations, according to a research team writing in the International Journal of Internet Protocol Technology.

Muhammad Abedin of the University of Texas at Dallas and colleagues explain that just one error in the set of rules controlling a firewall can open up a critical vulnerability in the system. Such security problem can allow intruders to access data and programs to which they would otherwise be barred potentially leading to breaches of privacy, industrial sabotage, fraud, and theft. The researchers have now developed a method for analyzing the activity log files of corporate firewalls. Their analysis can determine what rules the firewall is actually applying to incoming and outgoing network traffic and then compare these with the original rules to spot errors and omissions. Continue reading.

Related Posts

Soft Spots in Hardened Software Over the past decade, Microsoft, the target of choice for many online attackers, has hardened its operating system, adopting technologies designed to ...
Improved Online Security for a Tenth of the Cost Computer scientists at the University of Hertfordshire have found a way to share information online securely for a fraction of the cost of existing sy...
Malicious Software: Hiding the Honeypots Armies of networked computers that have been compromised by malicious software are commonly known as Botnets. Such Botnets are usually used to carry o...
Removing the RSA Security 1024 V3 Root There’s been confusion today about the work we’re doing on our root store, the set of trusted certificate authorities shipped with Mozilla products. T...
How to Stop Distant Attacks on RFID Chips The limited power and processing ability of RFID chips makes them vulnerable to attackers operating at a distance. A new protocol could tackle this pr...
Governments May Fake SSL Certificates Today two computer security researchers, Christopher Soghoian and Sid Stamm, released a draft of a forthcoming research paper in which they present ev...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).


One Comment

  1. Pingback: Traffic Mining Firewall Logs Could Improve Network Security … | Network Security

Leave a Comment

Your email address will not be published. Required fields are marked *

*