Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers

Jimena Andrade Hoz; Jose M. Alcaraz Calero; Qi Wang

Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers

Jimena Andrade Hoz^*, Jose M. Alcaraz Calero, Qi Wang

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

45 Downloads (Pure)

Abstract

Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.

Original language	English
Title of host publication	Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)
Subtitle of host publication	17-19 July 2024 - Rome, Italy
Publisher	IEEE
Number of pages	6
Publication status	Published - 2024
Event	2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing - Rome, Italy Duration: 17 Jul 2024 → 19 Jul 2024 https://comlab.uniroma3.it/CSNDSP2024.php?page=1

Conference

Conference	2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing
Abbreviated title	CSNDSP 2024
Country/Territory	Italy
City	Rome
Period	17/07/24 → 19/07/24
Internet address	https://comlab.uniroma3.it/CSNDSP2024.php?page=1

Keywords

firewall optimisation
5G and beyond network
multi-layer firewall
multi-technology firewall
ML classifier

Access to Document

2024 04 23 Andrade-Hoz et al Firewall accepted - for PureAccepted author manuscript, 328 KBLicence: CC BY 4.0

Cite this

@inproceedings{24f25617d1614ae195242d80ec36652e,

title = "Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers",

abstract = "Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.",

keywords = "firewall optimisation, 5G and beyond network, multi-layer firewall, multi-technology firewall, ML classifier",

author = "{Andrade Hoz}, Jimena and {Alcaraz Calero}, {Jose M.} and Qi Wang",

year = "2024",

language = "English",

booktitle = "Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)",

publisher = "IEEE",

address = "United States",

note = "2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing, CSNDSP 2024 ; Conference date: 17-07-2024 Through 19-07-2024",

url = "https://comlab.uniroma3.it/CSNDSP2024.php?page=1",

}

Andrade Hoz, J, Alcaraz Calero, JM & Wang, Q 2024, Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers. in Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP): 17-19 July 2024 - Rome, Italy. IEEE, 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing, Rome, Italy, 17/07/24.

Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers. / Andrade Hoz, Jimena; Alcaraz Calero, Jose M.; Wang, Qi.
Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP): 17-19 July 2024 - Rome, Italy. IEEE, 2024.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers

AU - Andrade Hoz, Jimena

AU - Alcaraz Calero, Jose M.

AU - Wang, Qi

PY - 2024

Y1 - 2024

N2 - Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.

AB - Enhancing the security of Beyond 5G (B5G) and Pre-6G networks poses significant challenges, particularly in effectively implementing firewalls. Within a wide range of technologies aimed at implementing mitigation mechanisms, achieving optimal technology selection and rule set configuration within these diverse technologies is immensely complex. In addition, these rules are usually based on pre-configured template and lack of optimisation with information of real-time network status, often resulting in sub-optimal configurations. In this paper, an architecture that enables the optimisation of multi-layer multi-technology firewalls integrated in a B5G network testbed is presented. Our proposed framework supports network control monitoring and automatic deployment of firewall rules in three different virtual function implementations: iptables, Open vSwitch and Linux traffic control. After performing a comparison among four popular machine learning (ML) models for the optimal selection, our results show that Random Forest is the best algorithm for the proposed solution with a F1-score of 0.9083.

KW - firewall optimisation

KW - 5G and beyond network

KW - multi-layer firewall

KW - multi-technology firewall

KW - ML classifier

M3 - Conference contribution

BT - Proceedings of the 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)

PB - IEEE

T2 - 2024 14th International Symposium on Communication Systems, Networks and Digital Signal Processing

Y2 - 17 July 2024 through 19 July 2024

ER -

Multi-layer multi-technology firewall optimisation in beyond 5G networks using machine learning classifiers

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this