Next generation firewalls for dynamic coalitions

Firewalls represent a critical security building block for networks as they monitor and control incoming and outgoing network traffic based on the enforcement of predetermined secu- rity rules, referred to as firewall rules. Firewalls are constantly being improved to enhance network security. From being a simple filtering device, firewall has been evolved to operate in conjunc- tion in intrusion detection and prevention systems. This paper reviews the existing firewall policies and assesses their application in highly dynamic networks such as coalitions networks. The paper also describe the need for the next-generation firewall policies and how the generative policy model can be leveraged

Energy and Information Near Black Hole Horizons

The central challenge in trying to resolve the firewall paradox is to identify excitations in the near-horizon zone of a black hole that can carry information without injuring a freely falling observer. By analyzing the problem from the point of view of a freely falling observer, I arrive at a simple proposal for the degrees of freedom that carry information out of the black hole. An infalling observer experiences the information-carrying modes as ingoing, negative energy excitations of the quantum fields. In these states, freely falling observers who fall in from infinity do not encounter a firewall, but freely falling observers who begin their free fall from a location close to the horizon are "frozen" by a flux of negative energy. When the black hole is "mined," the number of information-carrying modes increases, increasing the negative energy flux in the infalling frame without violating the equivalence principle. Finally, I point out a loophole in recent arguments that an infalling observer must detect a violation of unitarity, effective field theory, or free infall.Comment: 25 pages, 3 figures. v2: minor clarifications, references added; published versio

Current Issues of Malicious Domains Blocking

Cyberattackers often use the Domain Name System (DNS) in their activities. Botnet C&C servers and phishing websites both use DNS to facilitate connection to or from its victims, while the protocol does not contain any security countermeasures to thwart such behavior. In this paper, we examine capabilities of a DNS firewall that would be able to filter access from the protected network to known malicious domains on the outside network. Considering the needs of Computer Security Incident Response Teams (CSIRTs), we formulated functional requirements that a DNS firewall should fulfill to fit the role of a cybersecurity tool. Starting from these requirements, we developed a DNS firewall based on the DNS Response Policy Zones technology, the only suitable open source technology available yet. However, we encountered several essential limitations in the DNS RPZ technology during the testing period. Still, our testing results show that simple DNS firewall can prevent attacks not detected by other cybersecurity tools. We discuss the limitations and propose possible solutions so that the DNS firewall might be used as a more complex cybersecurity tool in the future. Lessons learned from the deployment show that while the DNS firewall can indeed be used to block access to malicious domains, it cannot yet satisfy all the requirements of cybersecurity teams

Blocking Java Applets at the Firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet