TY - GEN
T1 - Enhancing Windows Firewall Security Using Fuzzy Reasoning
AU - Naik, Nitin
AU - Jenkins, Paul
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/10/11
Y1 - 2016/10/11
N2 - Firewall is a standard security utility within the Microsoft Windows operating system. Most Windows users adopt it as the default security option due to its free availability. Moreover, Windows Firewall is a widely used security tool because of the large market share of the Microsoft Windows operating system. It can be customised for filtering of network traffic based on user-defined inbound and outbound rules. It is supplied with only basic functionality. As a result it cannot be considered as an effective tool for monitoring and analysing of inbound and outbound traffic. Nonetheless, as a freely available and conventional end user security tool, with some enhancement it could perform as a useful security tool for millions of Windows users. Therefore, this paper presents an enhanced Windows Firewall for a more effective monitoring and analysis of network traffic, based upon an intuitive fuzzy reasoning approach. Consequently, it can be used to prevent a greater range of attacks beyond the simple filtering of inbound and outbound network traffic. In this paper, a simulation of ICMP flooding is demonstrated, where the created firewall inbound and outbound rules are insufficient to monitor ICMP flooding. However, the addition of fuzzy reasoning system monitored it successfully and enhanced the standard Windows Firewall functionality to prevent ICMP flooding. The use of this Windows Fuzzy-Firewall can also be extended to prevent TCP flooding, UDP flooding and some other types of denial of service attacks.
AB - Firewall is a standard security utility within the Microsoft Windows operating system. Most Windows users adopt it as the default security option due to its free availability. Moreover, Windows Firewall is a widely used security tool because of the large market share of the Microsoft Windows operating system. It can be customised for filtering of network traffic based on user-defined inbound and outbound rules. It is supplied with only basic functionality. As a result it cannot be considered as an effective tool for monitoring and analysing of inbound and outbound traffic. Nonetheless, as a freely available and conventional end user security tool, with some enhancement it could perform as a useful security tool for millions of Windows users. Therefore, this paper presents an enhanced Windows Firewall for a more effective monitoring and analysis of network traffic, based upon an intuitive fuzzy reasoning approach. Consequently, it can be used to prevent a greater range of attacks beyond the simple filtering of inbound and outbound network traffic. In this paper, a simulation of ICMP flooding is demonstrated, where the created firewall inbound and outbound rules are insufficient to monitor ICMP flooding. However, the addition of fuzzy reasoning system monitored it successfully and enhanced the standard Windows Firewall functionality to prevent ICMP flooding. The use of this Windows Fuzzy-Firewall can also be extended to prevent TCP flooding, UDP flooding and some other types of denial of service attacks.
KW - Firewall Rules
KW - Fuzzy Reasoning
KW - Fuzzy-Firewall
KW - ICMP Flooding
KW - Microsoft Windows
UR - http://www.scopus.com/inward/record.url?scp=84995495764&partnerID=8YFLogxK
U2 - 10.1109/DASC-PICom-DataCom-CyberSciTec.2016.64
DO - 10.1109/DASC-PICom-DataCom-CyberSciTec.2016.64
M3 - Conference contribution
AN - SCOPUS:84995495764
T3 - Proceedings - 2016 IEEE 14th International Conference on Dependable, Autonomic and Secure Computing, DASC 2016, 2016 IEEE 14th International Conference on Pervasive Intelligence and Computing, PICom 2016, 2016 IEEE 2nd International Conference on Big Data Intelligence and Computing, DataCom 2016 and 2016 IEEE Cyber Science and Technology Congress, CyberSciTech 2016, DASC-PICom-DataCom-CyberSciTech 2016
SP - 263
EP - 269
BT - Proceedings - 2016 IEEE 14th International Conference on Dependable, Autonomic and Secure Computing, DASC 2016, 2016 IEEE 14th International Conference on Pervasive Intelligence and Computing, PICom 2016, 2016 IEEE 2nd International Conference on Big Data Intelligence and Computing, DataCom 2016 and 2016 IEEE Cyber Science and Technology Congress, CyberSciTech 2016, DASC-PICom-DataCom-CyberSciTech 2016
A2 - Wang, Kevin I-Kai
A2 - Jin, Qun
A2 - Bhuiyan, Md Zakirul Alam
A2 - Zhang, Qingchen
A2 - Hsu, Ching-Hsien
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 14th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2016, 14th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2016, 2nd IEEE International Conference on Big Data Intelligence and Computing, DataCom 2016 and 2016 IEEE Cyber Science and Technology Congress, CyberSciTech 2016, DASC-PICom-DataCom-CyberSciTech 2016
Y2 - 8 August 2016 through 10 August 2016
ER -