Correo Electrónico
DNINFOA - SIA
Bibliotecas
Convocatorias
Identidad U.N.
Publicado
AUTOFIRE: an intelligent multi-agent framework for automated extraction and classification of pfSense Firewall rules
AUTOFIRE: un marco inteligente multiagente para la Extracción y clasificación automatizada de reglas de Firewall pfSense
DOI:
https://doi.org/10.15446/dyna.v93n240.121706Palabras clave:
Network security, firewall rules, pfSense, confidence scoring, multi-agentsystems, rule classification, privacy preservation, distributed validation (en)seguridad de redes, reglas de Firewal, pfSense, puntuación de confianza, sistemas multiagente, clasificación de reglas, preservación de la privacidad, validación distribuida (es)
Descargas
The article presents a next-generation smart multi-agent system, AUTOFIRE, for the automatic extraction and classification of pfSense firewall rules. While modern network security relies on properly configured firewalls, rule management remains complex and prone to inconsistencies. Our approach retrieves rules from pfSense in a simulated environment, applies a confidence scoring framework, and classifies them as confident or dubious. Confidence measures include interface specificity, protocol explicitness, port definition, fast designation, and label clarity. Empirical results from our prototype show that 76.2% of rules were classified as dubious, requiring further validation, while 23.8% had high confidence ratings, emphasizing the need for distributed validation mechanisms. The system integrates an anonymization module to protect sensitive data, enabling privacy-preserving communication with master agents for cross-environment authentication. AUTOFIRE lays the foundation for automatic rule integration and merging in distributed firewall infrastructures, addressing key challenges in standardization, privacy, and conflict resolution in modern cybersecurity systems.
Este artículo presenta AUTOFIRE, un sistema inteligente de nueva generación basado en múltiples agentes para la extracción y clasificación automática de reglas de firewall en pfSense. Aunque la seguridad de las redes modernas depende de una correcta configuración de los firewalls, la gestión de reglas sigue siendo compleja y propensa a inconsistencias. El enfoque propuesto recupera reglas en un entorno simulado, aplica un marco de puntuación de confianza y las clasifica como confiables o dudosas. Las métricas de confianza incluyen la especificidad de la interfaz, la explicitación del protocolo, la definición de puertos, la designación rápida y la claridad de las etiquetas. Los resultados experimentales muestran que el 76,2% de las reglas fueron clasificadas como dudosas y requieren validación adicional, mientras que el 23,8% alcanzó un alto nivel de confianza. Además, el sistema incorpora un módulo de anonimización que protege datos sensibles y permite la validación distribuida preservando la privacidad. AUTOFIRE establece una base para la integración automática de reglas en infraestructuras de firewall distribuidas.
Referencias
[1] Kumar, D., and Gupta, M., Implementation of firewall and intrusion detection system using pfSense to enhance network security. International Journal of Electrical Electronics and Computer Science Engineering, 1, pp. 2454-1222, 2018.
[2] Loevenich, J., Adler, E., Mercier, R., et al., Autonomous cyber defense using hybrid AI models for critical network protection. IEEE Access, 12, pp. 1-10, 2024. DOI: https://doi.org/10.1109/ICMCIS61231.2024.10540988
[3] Ejeofobiri, C.K., Victor-Igun, O.O., and Okoye, C., AI-driven secure intrusion detection for Internet of Things (IoT) networks. Asian Journal of Mathematics and Computer Research, 31(4), pp. 40-55, 2024.
[4] Ramesh, D., et al., Exploring contemporary perspectives on the implementation of firewall policies: a comprehensive review of literature. Indiana Journal of Multidisciplinary Research, 4(3), pp. 218-222, 2024.
[5] Wool, A., A quantitative study of firewall configuration errors. IEEE Computer, 37(6), pp. 62–67, 2004. DOI: https://doi.org/10.1109/MC.2004.2
[6] Al-Shaer, E., and Hamed, H., Discovery of policy anomalies in distributed firewalls. IEEE INFOCOM, 4, pp. 2605–2616, 2004. DOI: https://doi.org/10.1109/INFCOM.2004.1354680.
[7] Yuan, L., Chen, H., Mai, J., et al., FIREMAN: a toolkit for firewall modeling and analysis. IEEE Symposium on Security and Privacy, pp. 15–213, 2006. DOI: https://doi.org/10.1109/SP.2006.16.
[8] Elbadawi, I., Elshoush, H., and Osman, M., A hybrid AI-based approach for rule optimization in network firewalls. IEEE Access, 8, pp. 156224–156237, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.3018931
[9] Bégin, L., Létourneau, S., and Tremblay, G., A learning approach to firewall configuration validation. 15th Int. Conf. on Network and Service Management (CNSM), Halifax, NS, Canada, pp. 1–5, 2019. DOI: https://doi.org/10.23919/CNSM46954.2019.9012694
[10] Ahmed, M., Mahmood, A.N., and Hu, J., A survey of network anomaly detection techniques. Journal of Network and Computer Applications, 60, pp. 19–31, 2016. DOI: https://doi.org/10.1016/j.jnca.2015.11.016
[11] Papaioannou, T.G., and Delis, A., Multi-agent frameworks for adaptive network security management. IEEE Trans. Network and Service Management, 12(2), pp. 234–247, 2015. DOI: https://doi.org/10.1109/TNSM.2015.2404795
[12] Zambonelli, F., Jennings, N.R., and Wooldridge, M., Developing multiagent systems: the Gaia methodology. ACM Trans. Software Engineering and Methodology, 12(3), pp. 317–370, 2003. DOI: https://doi.org/10.1145/958961.958963
[13] Zhang, H., Chen, L., and Liu, P., Privacy-preserving data sharing in multi-agent systems for cybersecurity. IEEE Trans. Information Forensics and Security, 17, pp. 1987–2001, 2022. DOI: https://doi.org/10.1109/TIFS.2022.3146091
[14] Fan, L., and Xiong, L., Real-time anonymization of streaming data. IEEE 32nd International Conference on Distributed Computing Systems (ICDCS), pp. 82-91, 2012. DOI: https://doi.org/10.1109/ICDCS.2012.58
[15] Buqing, W., Analysis of a new firewall constructed on pfSense with Snort to defend against common internet intrusions. Applied and Computational Engineering, 43(1), pp. 244-250, 2024. DOI: https://doi.org/10.54254/2755-2721/43/20230841
[16] Loevenich, J., Adler, E., Mercier, R., and Lopes, R.R.F., Design of an autonomous cyber defence agent using hybrid AI models. 2024 International Conference on Military Communication and Information Systems (ICMCIS), Koblenz, Germany, pp. 1–10, 2024. DOI: https://doi.org/10.1109/ICMCIS61231.2024.10540988
[17] Serrano, W., CyberAIBot: artificial intelligence in an intrusion detection system for cybersecurity in the IoT. Future Generation Computer Systems, 166, art. 107543, 2025. DOI: https://doi.org/10.1016/j.future.2024.107543
[18] Rawat, D.B., et al., iShare: blockchain-based privacy-aware multi-agent information sharing games for cybersecurity. 2018 International Conference on Computing, Networking and Communications (ICNC), pp. 425–431, 2018.
[19] Dhrir, H., et al., Machine learning-and deep learning-based anomaly detection in firewalls: a survey. The Journal of Supercomputing, 81(6), art. 07212-y, 2025. DOI: https://doi.org/10.1007/s11227-025-07212-y
[20] Valenza, F., et al., A formal approach for network security policy validation. J., Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 8(1), pp. 79–100, 2017.
[21] Salman, O., et al., Towards efficient real-time traffic classifier: a confidence measure with ensemble deep learning. Computer Networks, 204(4), art. 108684, 2022. DOI: https://doi.org/10.1016/j.comnet.2021.108684
[22] Alsaif, K.I., and Abdullah, A.S., Deep learning technique for gymnastics movements evaluation based on pose estimation. In: Rasheed, J., Abu-Mahfouz, A.M., and Fahim, M., Forthcoming Networks and Sustainability in the AIoT Era. FoNeS-AIoT 2024. Lecture Notes in Networks and Systems, Springer, Cham, 1036, art. 19, 2024. DOI: https://doi.org/10.1007/978-3-031-62881-8_19
[23] Abd, N.S., Karoui, K., Abdullah, W.D., and Shihab, M.A., Data science techniques to reduce the occurrence of false negatives during intrusion detection. International Conference on Soft Computing and its Engineering Applications, pp. 173–187, 2024.
[24] Kaur, P.C.; Ghorpade, T., and Mane, V., Analysis of data security by using anonymization techniques. 6th International Conference-Cloud System and Big Data Engineering (Confluence), pp. 287–293, 2016.
[25] Boudaoud, K., and Guessoum, Z., A multi-agents system for network security management. International Conference on Intelligence in Networks, pp. 407–418, 2000.
[26] Bringhenti, D., et al., Automated firewall configuration in virtual networks. IEEE Transactions on Dependable and Secure Computing, 20(2), pp. 1559–1576, 2022.
[27] Praptodiyono, S., et al., Development of hybrid intrusion detection system based on Suricata with pfSense method for high reduction of DDoS attacks on IPv6 networks. Eastern-European Journal of Enterprise Technologies, 125(9), 2023.
[28] Lu, N., and Yang, Y., Application of evolutionary algorithm in performance optimization of embedded network firewall. Microprocessors and Microsystems, 76, pp. 103087, 2020.
[29] Huma, Z., et al., Hybrid AI models for enhanced network security: combining rule-based and learning-based approaches. Global Perspectives on Multidisciplinary Research, 5(3), pp. 52–63, 2024.
Cómo citar
IEEE
ACM
ACS
APA
ABNT
Chicago
Harvard
MLA
Turabian
Vancouver
Descargar cita
Licencia
Derechos de autor 2026 DYNA
Esta obra está bajo una licencia internacional Creative Commons Atribución-NoComercial-SinDerivadas 4.0.
El autor o autores de un artículo aceptado para publicación en cualquiera de las revistas editadas por la facultad de Minas cederán la totalidad de los derechos patrimoniales a la Universidad Nacional de Colombia de manera gratuita, dentro de los cuáles se incluyen: el derecho a editar, publicar, reproducir y distribuir tanto en medios impresos como digitales, además de incluir en artículo en índices internacionales y/o bases de datos, de igual manera, se faculta a la editorial para utilizar las imágenes, tablas y/o cualquier material gráfico presentado en el artículo para el diseño de carátulas o posters de la misma revista.
