Logo Politecnico di Torino
ENIT
WebThesis

A holistic approach for formal adaptive firewall rule management

Giovanni De Maria

A holistic approach for formal adaptive firewall rule management.

Rel. Fulvio Valenza, Daniele Bringhenti, Riccardo Sisto, Luca Durante. Politecnico di Torino, Master of science program in Cybersecurity, 2025

[thumbnail of Tesi_di_laurea]
Preview
 PDF (Tesi_di_laurea) - Thesis
Licence: Creative Commons Attribution Non-commercial No Derivatives.
Download (10MB) | Preview

Abstract

Modern network infrastructures require high speeds for multiple services at once and a robust defence against cyber threats. Among these, Denial-of-Service (DoS) attack is a major risk because it consists of flooding systems to make them unavailable. The security provided by conventional firewalls using static rules becomes insufficient when networks experience this type of attack. To address this limitation, this thesis develops a framework that combines verified static configurations with flexible runtime rule distribution. The system integrates VEREFOO (Verified Refinement and Optimized Orchestrator) which generates optimized and formally verified firewall policies at design time with REDIAL (RulE DIstribution ALgorithm) which operates at runtime to distribute rules between cascaded firewalls.

This system is evaluated through testing on various hardware systems and in simulated attack environments with the aim to demonstrate the effectiveness of the framework

Relators

Fulvio Valenza, Daniele Bringhenti, Riccardo Sisto, Luca Durante

Academic year

2025/26

Publication type

Electronic

Number of Pages

88

Course of studies

Master of science program in Cybersecurity

Classe di laurea

New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING

Aziende collaboratrici

CNR - IEIIT

URI

https://webthesis.biblio.polito.it/id/eprint/37918
Modify record (reserved for operators) Modify record (reserved for operators)
Logo Politecnico di Torino