BlockFW -- Towards Blockchain-based Rule-Sharing Firewall

TL;DR

BlockFW introduces a blockchain-based firewall system that decentralizes rule management, enhances security through cryptographic validation, and resists tampering, thereby improving organizational security infrastructure.

Contribution

This work presents a novel blockchain-based firewall system that decentralizes rule sharing and enhances security through cryptographic protections, addressing central server vulnerabilities.

Findings

BlockFW effectively prevents tampering with security rules.

The system maintains performance under adversarial conditions.

Cryptographic validation ensures integrity of rule transactions.

Abstract

Central-managed security mechanisms are often utilized in many organizations, but such server is also a security breaking point. This is because the server has the authority for all nodes that share the security protection. Hence if the attackers successfully tamper the server, the organization will be in trouble. Also, the settings and policies saved on the server are usually not cryptographically secured and ensured with hash. Thus, changing the settings from alternative way is feasible, without causing the security solution to raise any alarms. To mitigate these issues, in this work, we develop BlockFW - a blockchain-based rule sharing firewall to create a managed security mechanism, which provides validation and monitoring from multiple nodes. For BlockFW, all occurred transactions are cryptographically protected to ensure its integrity, making tampering attempts in utmost challenging for attackers. In the evaluation, we explore the performance of BlockFW under several adversarial conditions and demonstrate its effectiveness.