Development and Study of Algorithms for the Formation of Rules for Network Security Nodes in the Multi-Cloud Platform

As part of the study, existing solutions aimed at ensuring the security of the network perimeter of the multi-cloud platform were considered. It is established that the most acute problem is the effective formation of rules on firewalls. Existing approaches do not allow optimizing the list of rules...

Bibliographic Details
Main Authors: Denis I. Parfenov, Irina P. Bolodurina, Vadim A. Torchin
Format: Article
Language: English
Published: Yaroslavl State University 2019-03-01
Series: Моделирование и анализ информационных систем
Subjects:
Online Access: https://www.mais-journal.ru/jour/article/view/1164
collection DOAJ
description As part of the study, existing solutions aimed at ensuring the security of the network perimeter of the multi-cloud platform were considered. It is established that the most acute problem is the effective formation of rules on firewalls. Existing approaches do not allow optimizing the list of rules on nodes that control access to the network. The aim of the study is to increase the effectiveness of firewall tools by conflict-free optimization of security rules and the use of a neural network approach in software-defined networks. The proposed solution is based on the sharing of intelligent mathematical approaches and modern technologies of virtualization of network functions. In the course of experimental studies, a comparative analysis of the traditional means of rule formation, the neural network approach, and the genetic algorithm was carried out. It is recommended to use the multilayer perceptron neural network classifier for automatic construction of network security rules since it gives the best results in terms of performance. It is also recommended to reduce the size of the firewall security rule list using the Kohonen network, as this tool shows the best performance. A conflict-free optimization algorithm was introduced into the designed architecture, which produces finite optimization by ranking and deriving the most common exceptions from large restrictive rules, which allows increasing protection against attacks that are aimed at identifying security rules at the bottom of the firewall list. On the basis of the proposed solution, the adaptive firewall module was implemented as part of the research.
id doaj-art-09622b53e2ac4c2ca7a86c170d714146
issn 1818-1015
2313-5417
affiliation Orenburg State University (all three authors)
volume 26, issue 1, pages 90-100
doi 10.18255/1818-1015-2019-1-90-100
topic adaptive firewall
software-defined network
multi-cloud platforms
neural network
network function virtualization
cyber security