Firewall Regulatory Networks for Autonomous Cyber Defense
Qi Duan, Ehab Al-Shaer
TL;DR
Addresses scalable autonomous firewall policy management in large networks with limited human intervention. Proposes Firewall Regulatory Networks (FRN), a BRN-inspired framework with a CSP/SMT-based synthesis pipeline that derives satisfiable interactions among firewalls to satisfy mission properties via an activation/inhibition protocol and an ACV vector $ACV$, requiring reachability encoded as a $DNF$ of paths and risk/utility metrics to drive two optimization problems: $OPRM$ and $OPUR$. The main contributions are the FRN framework, the formal synthesis protocol, the CSP/SMT formalization, and demonstration through case studies showing real-time, resilient adaptation. The work enables globally coherent, self-managing security in decentralized networks with provable guarantees and potential for online deployment and extension.
Abstract
In this paper, we present the principles of designing new self-organising and autonomous management protocol to govern the dynamics of bio-inspired decentralized firewall architecture based on Biological Regularity Networks. The new architecture called Firewall Regulatory Networks (FRN) exhibits the following features (1) automatic rule policy configuration with provable utility-risk appetite guarantee, (2) resilient response for changing risks or new service requirements, and (3) globally optimized access control policy reconciliation. We present the FRN protocol and formalize the constraints to synthesize the undetermined components in the protocol to produce interactions that can achieve these objectives. We illustrate the feasibility of the FRN architecture in multiple case studies.
