Edmilson P. da Costa Júnior scite author profile

Edmilson P. da Costa Júnior

2Publications

3Citation Statements Received

37Citation Statements Given

How they've been cited

How they cite others

Affiliations

Federal University of Rio Grande do Norte

Publications

Order By: Most citations

An Architecture for Self-adaptive Distributed Firewall

Júnior¹,

Medeiros²,

Silva³

et al. 2016

View full text Add to dashboard Cite

The notion of secure perimeter given by border firewalls ignores the possibility of attacks originating from inside the network. Although distributed firewalls allow the protection of individual hosts, the provided services might still be susceptible to attacks, as firewalls usually do not analyze application protocols. In this way, software vulnerabilities may be exploited until the problem has been fixed. From vulnerability discovery to the application of patches there is an exposure window that should be reduced. In this context, this paper presents an architecture for a distributed firewall system, in which a Vulnerability Assessment System is integrated for providing a self-adaptive mechanism capable of detecting vulnerabilities and executing actions to reduce exposure, contributing to mitigate the risk of vulnerability exploitation.

show abstract

A new approach to deploy a self-adaptive distributed firewall

Júnior

Silva

Pinheiro

et al. 2018

J Internet Serv Appl

View full text Add to dashboard Cite

Distributed firewall systems emerged with the proposal of protecting individual hosts against attacks originating from inside the network. In these systems, firewall rules are centrally created, then distributed and enforced on all servers that compose the firewall, restricting which services will be available. However, this approach lacks protection against software vulnerabilities that can make network services vulnerable to attacks, since firewalls usually do not scan application protocols. In this sense, from the discovery of any vulnerability until the publication and application of patches there is an exposure window that should be reduced. In this context, this article presents Self-Adaptive Distributed Firewall (SADF). Our approach is based on monitoring hosts and using a vulnerability assessment system to detect vulnerable services, integrated with components capable of deciding and applying firewall rules on affected hosts. In this way, SADF can respond to vulnerabilities discovered in these hosts, helping to mitigate the risk of exploiting the vulnerability. Our system was evaluated in the context of a simulated network environment, where the results achieved demonstrate its viability.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.