IntroductionFirewalls, which act as the most important defense mechanism of network security, have to be tested to validate that they work as specified. The firewall specification is mainly composed of intended security policy and allowed network protocols, which are usually the main focus of an attacker. The intended security policy consists of firewall rules, which configure the firewall behavior, and allowed network protocols. These constitute an important part of firewall's internal infrastructure which can be described as packet capture, decision making on the packet under consideration, and packet release. Decision making operation is carried out with respect to firewall policy and network protocols. The security policy is external to the firewall like a configuration file, whereas packet checking with respect to network protocols is implemented in the firewall software.Since the firewall policy is considered as a specification and can be represented by a formal model, we propose a model-based testing approach for firewalls. The novelty of this approach is using DAG model for firewall testing. This paper proposes modeling of firewall rules and generating test cases using DAGs. Since event sequence graphs (ESG) are directed graphs, we applied its test case generation algorithm to the DAG representation of firewall rules. Then test packets derived from generated test cases are sent to the firewall to analyze its behavior.Next section summarizes related work before Section 3 outlines background and the test generation algorithm. The core of the paper, Section 4, presents our firewall testing approach. Sections 5 and 6 include implementation details of the approach and a case study on a firewall. Section 7 concludes the paper and outlines our research work planned.
Related WorkA firewall controls network traffic to and from a computer, based on a security policy. Although systematic testing was an omitted area in firewall studies and relative literature, recent studies on