A Theoretical Model for Analysis of Firewalls under Bursty Traffic Flows

Abstract

Firewalls are located at the front line of the network against outside threats. Performance modeling and analysis of network firewalls help to better understand their behavior and characteristics. Moreover, having an analytical model in hand helps firewall designers avoid developing multiple design alternatives and thus considerably reduce the design costs. Moreover, the network administrators can proactively identify the performance bottlenecks of the network and fix them before any malicious attack which targets the network or the firewall itself. In this paper, we propose a novel analytical approach for performance modeling and analysis of network firewalls based on a discrete-time queuing system in which the bursty nature of the incoming traffic is taken into account, where traditional queuing models such as $M/M/1$ model fails to capture peculiar characteristics of the Internet traffic. Throughput, packet loss, delay, and firewalls CPU utilization are employed as performance evaluation indicators in our proposed model. In addition, we introduce a potential DoS attack with a very low rate which can be launched against firewalls with different burstiness factors.