AL-SAFE: A Secure Self-Adaptable Application-Level Firewall for IaaS Clouds

Abstract : Application-level firewalls filter traffic based on a white list of processes that are allowed to access the network. Although they have a complete overview of the system in which they are executed, they can be easily bypassed by knowledgable attackers. In this paper we present AL-SAFE, a cloud-tailored application-level self-adaptable firewall which combines the high degree of visibility of an application-level firewall with the isolation of a traditional standalone firewall. AL-SAFE is able to filter traffic at two distinct points in the virtual infrastructure and adapt the enforced rulesets based on changes in the virtual infrastructure topology and the list of services running inside the virtual machines. Our performance analysis shows that AL-SAFE imposes a tolerable delay to legitimate network connections while it is able to filter out all unauthorised packets.
Complete list of metadatas

Cited literature [8 references]  Display  Hide  Download

https://hal.inria.fr/hal-01363540
Contributor : Anna Giannakou <>
Submitted on : Monday, October 31, 2016 - 10:52:08 PM
Last modification on : Thursday, February 7, 2019 - 4:20:44 PM

Files

al_safe.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01363540, version 1

Citation

Anna Giannakou, Louis Rilling, Jean-Louis Pazat, Christine Morin. AL-SAFE: A Secure Self-Adaptable Application-Level Firewall for IaaS Clouds. CloudCom2016-8th IEEE International Conference on Cloud Computing Technology and Science, Dec 2016, luxembourg, Luxembourg. ⟨hal-01363540⟩

Share

Metrics

Record views

1083

Files downloads

307