Survey on Network Protection Models

Abstract or Introduction

This paper describes some of the key efforts done by the research community to prevent attacks on network infrastructures, mainly by using Firewall and Intrusion Detection Systems. We also cover some of the protection models in Cloud Computing. This paper is the second phase of our previous paper about Network Protection Security Threats and Attacks.

The research community investigated the cyber attack prevention models heavily. Most of the work was focused on preventing such attacks by automating Firewall rules and also improving Access Control Lists on network infrastructure devices. Alshaer et al. identified all anomalies that could exist in a single- or multi-firewall environment. They also presented a set of algorithms to detect rule anomalies within a single firewall (intra-firewall anomalies), and between inter-connected firewalls (inter-firewall anomalies) in the network.

The authors also presented the Firewall Policy Advisor which provides a number of techniques for purifying and protecting the firewall policy from rule anomalies. The administrator may use the firewall policy advisor to manage firewall policies without prior analysis of filtering rules. In this paper, they formally defined a number of firewall policy anomalies in both centralized and distributed firewalls and they proved that these are the only conflicts that could exist in firewall policies. Then they presented a set of algorithms to detect rule anomalies within a single firewall (intra-firewall anomalies), and between inter-connected firewalls (inter-firewall anomalies) in the network.