Crosslayer firewall interaction as a means to provide effective and efficient protection at mobile devices

In this paper we discuss packet filtering firewalls and an application level gateway approach used to secure handheld devices. We propose a firewall management plane as a means for cross layer interaction. In our approach the application level gateway updates the firewall rules based on its knowledge about whether or not a certain source is sending malicious packets. Hereby we pursue a policy of removing malicious packets as close as possible to the network interface. We show that in case of secure web service such a cross layer interaction can significantly decrease the CPU load in case of attacks, i.e., if many malicious packets arrive at the handheld device. Our measurement results show that our cross layer approach can reduce the CPU load caused by the application layer gateway by about 10 up to 30 per cent. Finally we propose an integrated firewall processing approach that promises further improvements. It integrates the application controlled firewall before the MAC and provides crosslayer mechanisms to reduce the performance issues of traditional firewall approaches.