Could firewall rules be public - a game theoretical perspective

Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the ruleset makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of distributed applications where private rules increase the difficulty of troubleshooting. We argue that the enforcement of the policy is the key, not the secrecy of the policy itself. In this paper, we demonstrate through the application of game theory that public firewall rules when coupled with false information (lying) are actually better than keeping firewall rules private, especially when taken in the larger group context of the Internet. Interesting scenarios arise when honest, public firewalls are socially insured by other lying firewalls and networks adopting public firewalls become mutually beneficial to each other. The equilibrium under multiple-network game is socially optimal because the percentage of required lying firewalls in social optimum is much smaller than the percentage in single-network equilibrium and the chance of attacking through firewalls is further reduced to zero. Copyright © 2011 John Wiley & Sons, Ltd.