Network firewalls act as the first line of defense against unwanted and malicious traffic targeting private networks connected to the Internet. Predicting overall firewall performance, especially under attack, is crucial for network security engineers and designers in assessing how effective and tolerant a network firewall is, and thereby in sustaining the availability of network services. In this paper, we present an analytical queueing model based on the embedded Markov chain to study and analyze the performance of rule-based firewalls when subjected to normal traffic and DoS attacks. We derive equations for key features and performance measures of engineering and design significance. In addition, we validate our analytical model against real experimental measurements.