Citation:

Himanshu Sharma, 2021. "Next-Generation Firewall in the Cloud: Advanced Firewall Solutions to the Cloud" ESP Journal of Engineering & Technology Advancements  1(1): 98-111.

Abstract:

IT is evolving at an incredible pace, and this has greatly changed the perimeter of the network that is distributed. As such, the traditional concepts of security are not enough. Today, port-based firewalls have become virtually useless because, as more and more businesses use analytics, cloud computing, and other forms of automation to speed up their progress in creating new products and services to meet the public’s demand, smart cyber threats are being created to exploit the gaps left behind by traditional security tools. To counter such challenges, there has been the development of advanced firewalls referred to as the next generation firewalls (NGFWs) and Web Applications firewalls (WAFWs). The aim of this paper is to describe how NGFWs developed and merged with cloud solutions, focusing on additional capabilities like DPI, application filtering, and implementation of AI. Pursuant to that, this research compares AI-based firewalls as it assesses their performance in meeting current cyber threats using sophisticated methods like machine learning and deep learning. The paper focuses on the cloud applicability of AI-based firewalls and examines their capacity to deliver constant performance in dynamic networks. This research does not provide theoretical simulation but shows the actual performance of different AI-based firewall architectures, their ability to detect threats, false positives, and time consumption. The paper also looks into the issues related to the use of these advanced firewalls in cloud environments and discusses possible drawbacks and modifications that may be done. Therefore, this research offers a literature review of the NGFWs and WAFWs and their applicability in defending the current complex enterprise environments, including the use of cloud services. The findings add to the current knowledge of cyber security management, suggesting the potential of AI to be a key enabler of detection, growth, and resource management within the cloud security paradigm.

References:

[1] Z. Ai, M. Zhang, W. Zhang, J. Kang, L. Tong, and Y. Duan, “Survey on the scheme evaluation, opportunities and challenges of software defined‐information centric network,” IET Communications, 2023.

[2] M. Alazab, S. KP, S. Srinivasan, S. Venkatraman, and V. Q. Pham, “Deep learning for cyber security applications: A comprehensive survey,” 2021.

[3] S. Ali, S. U. Rehman, A. Imran, G. Adeem, Z. Iqbal, and K. I. Kim, “Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection,” Electronics, vol. 11, no. 23, pp. 3934, 2022.

[4] NGFW: What is a Next Generation Firewall?, online. https://networkinterview.com/next-generation-firewall-ngfw/#google_vignette

[5] T. Sowmya and E. M. Anita, “A comprehensive review of AI-based intrusion detection system,” Measurement: Sensors, p. 100827, 2023.

[6] X. Shen, J. Gao, W. Wu, K. Lyu, M. Li, W. Zhuang, et al., “AI-assisted network-slicing based nextgeneration wireless networks,” IEEE Open Journal of Vehicular Technology, vol. 1, pp. 45-66, 2020.

[7] S. Armoogum and N. Mohamudally, “A Comprehensive Review of Intrusion Detection and Prevention Systems against Single Flood Attacks in SIP-Based Systems,” International Journal of Computer Network & Information Security, vol. 13, no. 6, 2021.

[8] G. González-Granadillo, S. González-Zarzosa, and R. Diaz, “Security information and event management (SIEM): analysis, trends, and usage in critical infrastructures,” Sensors, vol. 21, no. 14, p. 4759, 2021.

[9] P. Salva-Garcia, R. Ricart-Sanchez, E. Chirivella-Perez, Q. Wang, and J. M. Alcaraz-Calero, “XDPbased SmartNIC Hardware Performance Acceleration for Next-Generation Networks,” Journal of Network and Systems Management, vol. 30, no. 4, p. 75, 2022.

[10] A. Haldorai, Q. S. Mahdi, and P. Devasudha, “Application of AI/ML in Network-Slicing-Based Infrastructure of the Next-Generation Wireless Networking Systems,” in 2023 Fifth International Conference on Electrical, Computer and Communication Technologies (ICECCT), pp. 1-10, IEEE, February 2023.

[11] A. Imanbayev, S. Tynymbayev, R. Odarchenko, S. Gnatyuk, R. Berdibayev, A. Baikenov, and N. Kaniyeva, “Research of machine learning algorithms for the development of intrusion detection systems in 5G mobile networks and beyond,” Sensors, vol. 22, no. 24, p. 9957, 2022.

[12] S. Iftikhar, S. S. Gill, C. Song, M. Xu, M. S. Aslanpour, A. N. Toosi, et al., “AI-based fog and edge computing: A systematic review, taxonomy and future directions,” Internet of Things, p. 100674, 2022.

[13] O. G. Awuor, “Assessment of existing cyber-attack detection models for web-based systems,” Global Journal of Engineering and Technology Advances, vol. 15, no. 01, pp. 070-089, 2023.

[14] R. Badhwar, “The Case for AI Artificial intelligence (AI)/ML Machine learning (ML) in Cybersecurity,” in The CISO’s Next Frontier: AI, Post-Quantum Cryptography and Advanced Security Paradigms, Cham: Springer International Publishing, 2021, pp. 45-73.

[15] M. Bagaa, T. Taleb, J. B. Bernabe, and A. Skarmeta, “A machine learning security framework for IoT systems,” IEEE Access, vol. 8, pp. 114066-114077, 2020.

[16] M. Dayal, A. Chawla, M. Khari, and A. N. Mahajan, “Artificial Intelligence-Based Smart Packet Filter,” in Proceedings of Third International Conference on Computing, Communications, and Cyber-Security: IC4S 2021, Singapore: Springer Nature Singapore, July 2022, pp. 791-801.

[17] H. R. Deekshetha and A. K. Tyagi, “Automated and intelligent systems for next-generation-based smart applications,” in Data Science for Genomics, Academic Press, 2023, pp. 265-276.

[18] P. Dolezel, F. Holik, J. Merta, and D. Stursa, “Optimization of a depiction procedure for an artificial intelligence-based network protection system using a genetic algorithm,” Applied Sciences, vol. 11, no. 5, p. 2012, 2021.

[19] H. Dong, A. Munir, H. Tout, and Y. Ganjali, “Next-generation data center network enabled by machine learning: Review, challenges, and opportunities,” IEEE Access, vol. 9, pp. 136459-136475, 2021.

[20] M. Emu, “Artificial intelligence empowered virtual network function deployment and service function chaining for next-generation networks” (Doctoral dissertation).

[21] S. B. Far, A. I. Rad, S. M. H. Bamakan, and M. R. Asaar, “Toward Metaverse of everything: Opportunities, challenges, and future directions of the next generation of visual/virtual communications,” Journal of Network and Computer Applications, p. 103675, 2023.

[22] B. Frederick, “Artificial Intelligence in Computer Networks: Role of AI in Network Security” (Master’s thesis).

[23] S. S. Gill, M. Xu, C. Ottaviani, P. Patros, R. Bahsoon, A. Shaghaghi, et al., “AI for next-generation computing: Emerging trends and future directions,” Internet of Things, vol. 19, p. 100514, 2022.

[24] P. L. S. Jayalaxmi, R. Saha, G. Kumar, M. Conti, and T. H. Kim, “Machine and Deep Learning Solutions for Intrusion Detection and Prevention in IoTs: A Survey,” IEEE Access, 2022.

[25] Generative AI is the new strategic battlegroud, pagarba, online. https://pagarba.ai/revolution-ecommerce

[26] D. Kant and A. Johannsen, “Evaluation of AI-based use cases for enhancing the cyber security defense of small and medium-sized companies (SMEs),” J. Electron. Imaging, vol. 34, paper MOBMU-387, 2022.

[27] I. U. K. U. Khan, M. Ouaissa, M. Ouaissa, Z. Abou El Houda, and M. F. Ijaz (Eds.), "Cyber Security for Next-Generation Computing Technologies," CRC Press, 2023.

[28] M. Macas, C. Wu, and W. Fuertes, “A survey on deep learning for cybersecurity: Progress, challenges, and opportunities,” Computer Networks, vol. 212, p. 109032, 2022.

[29] S. Mishra, “Exploring the Impact of AI-Based Cyber Security Financial Sector Management,” Applied Sciences, vol. 13, no. 10, p. 5875, 2023.

[30] E. R. Ndukwe and B. Baridam, “A Graphical and Qualitative Review of Literature on AI-based CyberThreat Intelligence (CTI) in Banking Sector,” European Journal of Engineering and Technology Research, vol. 8, no. 5, pp. 59-69, 2023.

[31] P. Ramya, S. V. Babu, and G. Venkatesan, “Advancing Cybersecurity with Explainable Artificial Intelligence: A Review of the Latest Research,” in 2023 5th International Conference on Inventive Research in Computing Applications (ICIRCA), pp. 1351-1357, IEEE, August 2023.

[32] I. H. Sarker, “Multi‐aspects AI‐based modeling and adversarial learning for cybersecurity intelligence and robustness: A comprehensive overview,” Security and Privacy, e295, 2023.

[33] I. H. Sarker, M. H. Furhad, and R. Nowrozy, “AI-driven cybersecurity: an overview, security intelligence modeling and research directions,” SN Computer Science, vol. 2, pp. 1-18, 2021.

[34] S. Suprabhath Koduru, V. S. P. Machina, and S. Madichetty, “Cyber Attacks in Cyber-Physical Microgrid Systems: A Comprehensive Review,” Energies, vol. 16, no. 12, p. 4573, 2023.

[35] E. Tcydenova, T. W. Kim, C. Lee, and J. H. Park, “Detection of adversarial attacks in AI-based intrusion detection systems using explainable AI,” Human-Centric Comput Inform Sci, vol. 11, 2021.

[36] S. S. Tirumala, N. Nepal, and S. K. Ray, “Raspberry pi-based intelligent cyber defense systems for SMEs and smart-homes: An exploratory study,” EAI Endorsed Transactions on Smart Cities, vol. 6, no. 18, pp. e4-e4, 2022.

[37] A. A. Wagan, A. A. Khan, Y. L. Chen, P. L. Yee, J. Yang, and A. A. Laghari, “Artificial IntelligenceEnabled Game-Based Learning and Quality of Experience: A Novel and Secure Framework (B-AIQoE),” Sustainability, vol. 15, no. 6, p. 5362, 2023.

[38] T. Zebin, S. Rezvy, and Y. Luo, “An explainable AI-based intrusion detection system for DNS over HTTPS (DoH) attacks,” IEEE Transactions on Information Forensics and Security, vol. 17, pp. 2339- 2349, 2022.

[39] T. Zhang, H. Qiu, M. Mellia, Y. Li, H. Li, and K. Xu, “Interpreting AI for networking: Where we are and where we are going,” IEEE Communications Magazine, vol. 60, no. 2, pp. 25-31, 2022.

[40] S. Patil, V. Varadarajan, D. Walimbe, S. Gulechha, S. Shenoy, A. Raina, and K. Kotecha, “Improving the Robustness of AI-Based Malware Detection Using Adversarial Machine Learning,” Algorithms, vol. 14, no. 10, p. 297, 2021

Keywords:

Artificial Intelligence, Firewall, Security, Cloud, Cyber Security.