TY - GEN
T1 - Augmented windows fuzzy firewall for preventing denial of service attack
AU - Naik, Nitin
AU - Jenkins, Paul
AU - Cooke, Roger
AU - Ball, David
AU - Foster, Arthur
AU - Jin, Yaochu
PY - 2017/8/23
Y1 - 2017/8/23
N2 - The majority of computer systems use security software/hardware to protect against cyber attacks. A firewall is one the most popular security systems to protect against unauthorized access to or from its hosted network/system. The Microsoft Windows Operating System (OS) is equipped with an intrinsic firewall utility, which has been enhanced over the years to offer advanced security features including IPSec-based virtual private network functionality. This intrinsic Windows Firewall is still not capable of detecting and preventing Denial of Service (DoS) attacks. Nevertheless as an established end user security tool which is supplied with Windows OS, Windows Firewall with some additional intelligence may be an extremely valuable security utility for millions of Windows users. An intelligent Windows fuzzy firewall named FR-WinFirewall has been developed to improve its functionalities and aid prevention of DoS attacks. This paper presents the further extended and generalised version of the FR-WinFirewall to cover IPv6 traffic and for the inclusion of some extra DoS attack types related to ICMPv4, ICMPv6 and TCP. This augmented FR-WinFirewall can monitor, alert and prevent the three types of DoS attacks, ICMP (ICMPv4 and ICMPv6) DoS, UDP DoS and TCP DoS, as these protocols cover the majority of the TCP/IP traffic within any network. In this firewall, three separate fuzzy reasoning components related to three DoS attack types are designed, implemented and tested successfully. The addition of fuzzy intelligence to an intrinsic Windows Firewall makes it comparatively better than many well known firewalls, which are not yet capable of controlling DoS attacks.
AB - The majority of computer systems use security software/hardware to protect against cyber attacks. A firewall is one the most popular security systems to protect against unauthorized access to or from its hosted network/system. The Microsoft Windows Operating System (OS) is equipped with an intrinsic firewall utility, which has been enhanced over the years to offer advanced security features including IPSec-based virtual private network functionality. This intrinsic Windows Firewall is still not capable of detecting and preventing Denial of Service (DoS) attacks. Nevertheless as an established end user security tool which is supplied with Windows OS, Windows Firewall with some additional intelligence may be an extremely valuable security utility for millions of Windows users. An intelligent Windows fuzzy firewall named FR-WinFirewall has been developed to improve its functionalities and aid prevention of DoS attacks. This paper presents the further extended and generalised version of the FR-WinFirewall to cover IPv6 traffic and for the inclusion of some extra DoS attack types related to ICMPv4, ICMPv6 and TCP. This augmented FR-WinFirewall can monitor, alert and prevent the three types of DoS attacks, ICMP (ICMPv4 and ICMPv6) DoS, UDP DoS and TCP DoS, as these protocols cover the majority of the TCP/IP traffic within any network. In this firewall, three separate fuzzy reasoning components related to three DoS attack types are designed, implemented and tested successfully. The addition of fuzzy intelligence to an intrinsic Windows Firewall makes it comparatively better than many well known firewalls, which are not yet capable of controlling DoS attacks.
UR - http://www.scopus.com/inward/record.url?scp=85030184539&partnerID=8YFLogxK
U2 - 10.1109/FUZZ-IEEE.2017.8015701
DO - 10.1109/FUZZ-IEEE.2017.8015701
M3 - Conference publication
AN - SCOPUS:85030184539
T3 - IEEE International Conference on Fuzzy Systems
BT - 2017 IEEE International Conference on Fuzzy Systems, FUZZ 2017
PB - IEEE
T2 - 2017 IEEE International Conference on Fuzzy Systems, FUZZ 2017
Y2 - 9 July 2017 through 12 July 2017
ER -