Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers

Jimena Andrade Hoz; Jose M. Alcaraz Calero; Qi Wang

doi:10.1109/CSNDSP60683.2024.10636539

Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers

Jimena Andrade Hoz, Jose M. Alcaraz Calero, Qi Wang

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.

Original language	English
Title of host publication	Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)
Place of Publication	United States
Publisher	IEEE
DOIs	https://doi.org/10.1109/CSNDSP60683.2024.10636539
Publication status	Published - 23 Aug 2024
Event	2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP) - University of Rome Sapienza, Rome, Italy Duration: 17 Jul 2024 → 19 Jul 2024 https://comlab.uniroma3.it/CSNDSP2024.php

Conference

Conference	2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)
Abbreviated title	CSNDSP
Country/Territory	Italy
City	Rome
Period	17/07/24 → 19/07/24
Internet address	https://comlab.uniroma3.it/CSNDSP2024.php

Keywords

firewall optimisation
5G and beyond network
multi-layer firewall
multi-technology firewall
ML classifier

Access to Document

10.1109/CSNDSP60683.2024.10636539

https://research-portal.uws.ac.uk/en/publications/multi-layer-multi-technology-firewall-optimisation-in-beyond-5g-nLicence: CC BY 4.0

Cite this

@inproceedings{5e3c068a63b6445c947abc908eaadf65,

title = "Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers",

abstract = "Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.",

keywords = "firewall optimisation, 5G and beyond network, multi-layer firewall, multi-technology firewall, ML classifier",

author = "{Andrade Hoz}, Jimena and {Alcaraz Calero}, {Jose M.} and Qi Wang",

year = "2024",

month = aug,

day = "23",

doi = "10.1109/CSNDSP60683.2024.10636539",

language = "English",

booktitle = "Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)",

publisher = "IEEE",

address = "United States",

note = "2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP), CSNDSP ; Conference date: 17-07-2024 Through 19-07-2024",

url = "https://comlab.uniroma3.it/CSNDSP2024.php",

}

Andrade Hoz, J, Alcaraz Calero, JM & Wang, Q 2024, Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers. in Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP). IEEE, United States, 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP), Rome, Italy, 17/07/24. https://doi.org/10.1109/CSNDSP60683.2024.10636539

Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers. / Andrade Hoz, Jimena; Alcaraz Calero, Jose M.; Wang, Qi.
Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP). United States: IEEE, 2024.

Research output: Chapter in Book/Published conference output › Conference publication

TY - GEN

T1 - Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers

AU - Andrade Hoz, Jimena

AU - Alcaraz Calero, Jose M.

AU - Wang, Qi

PY - 2024/8/23

Y1 - 2024/8/23

N2 - Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.

AB - Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.

KW - firewall optimisation

KW - 5G and beyond network

KW - multi-layer firewall

KW - multi-technology firewall

KW - ML classifier

UR - https://ieeexplore.ieee.org/abstract/document/10636539

U2 - 10.1109/CSNDSP60683.2024.10636539

DO - 10.1109/CSNDSP60683.2024.10636539

M3 - Conference publication

BT - Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)

PB - IEEE

CY - United States

T2 - 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)

Y2 - 17 July 2024 through 19 July 2024

ER -

Multi-Layer Multi-Technology Firewall Optimisation in Beyond 5G Networks Using Machine Learning Classifiers

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this