FWNL: A Natural Language Processing System for Configuring Multiple Firewalls
Abstract
In this work we present a system based on natural language processing, called FWNL, to provide firewall settings in FWLang and enable automatic integration with FWUnify. The objective is to develop an named entity recognition pipeline to reduce the learning curve and mitigate operational errors when setting up multiple firewalls. We implemented a working prototype of FWNL and demonstrated its flexibility by linking three conversation environments: one based on the command line, another based on a web service and a third based on a messaging application.
Keywords:
Access control, authentication, biometrics, trust, and identity management, Computer network security
References
Adamopoulou, E. and Moussiades, L. (2020). Chatbots: History, technology, and applications. Machine Learning with Applications, 2:100006.
Botta, D., Werlinger, R., Gagné, A., Beznosov, K., Iverson, L., Fels, S., and Fisher, B. (2007). Towards understanding it security professionals and their tools. In Proceedings of the 3rd SOUPS, page 100–111. ACM.
Devlin, J., Chang, M.-W., Lee, K., and Toutanova, K. (2019). BERT: Pre-training of deep bidirectional transformers for language understanding. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics, pages 4171–4186. Association for Computational Linguistics.
Fiorenza, M., Kreutz, D., Mansilha, R., Macedo, D., Feitosa, E., and Immich, R. (2021a). FWunify: uma ferramenta para simplificar a configuração de múltiplos firewalls. In ANAIS ESTENDIDOS DO XXI SIMPÓSIO BRASILEIRO EM SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS. SBC.
Fiorenza, M., Kreutz, D., Mansilha, R., Macedo, D., Feitosa, E., and Immich, R. (2021b). Representação e aplicação de políticas de segurança em firewall de redes híbridas. In XXXIX Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos. SBC.
Haber, E. M. and Bailey, J. (2007). Design guidelines for system administration tools developed through ethnographic field studies. In Proceedings of the 2007 Symposium on CHIMIT, page 1–es. ACM.
Manning, C. and Schutze, H. (1999). Foundations of statistical natural language processing. MIT press.
Manning, C. D. (2008). Introduction to information retrieval. Syngress Publishing,.
Mikolov, T., Sutskever, I., Chen, K., Corrado, G., and Dean, J. (2013). Distributed representations of words and phrases and their compositionality. In Proceedings of the 26th International Conference on Neural Information Processing Systems - Volume 2, NIPS’13, page 3111–3119, Red Hook, NY, USA. Curran Associates Inc.
Nadeau, D. and Sekine, S. (2007). A survey of named entity recognition and classification. Lingvisticae Investigationes, 30(1):3–26.
Uc-Cetina, V., Navarro-Guerrero, N., and Martin-Gonzalez (2022). Survey on reinforcement learning for language processing. Artificial Intelligence Review.
Voronkov, A., Martucci, L. A., and Lindskog, S. (2019). System administrators prefer command line interfaces, don’t they? an exploratory study of firewall interfaces. In Fifteenth SOUPS. USENIX Association.
Botta, D., Werlinger, R., Gagné, A., Beznosov, K., Iverson, L., Fels, S., and Fisher, B. (2007). Towards understanding it security professionals and their tools. In Proceedings of the 3rd SOUPS, page 100–111. ACM.
Devlin, J., Chang, M.-W., Lee, K., and Toutanova, K. (2019). BERT: Pre-training of deep bidirectional transformers for language understanding. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics, pages 4171–4186. Association for Computational Linguistics.
Fiorenza, M., Kreutz, D., Mansilha, R., Macedo, D., Feitosa, E., and Immich, R. (2021a). FWunify: uma ferramenta para simplificar a configuração de múltiplos firewalls. In ANAIS ESTENDIDOS DO XXI SIMPÓSIO BRASILEIRO EM SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS. SBC.
Fiorenza, M., Kreutz, D., Mansilha, R., Macedo, D., Feitosa, E., and Immich, R. (2021b). Representação e aplicação de políticas de segurança em firewall de redes híbridas. In XXXIX Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos. SBC.
Haber, E. M. and Bailey, J. (2007). Design guidelines for system administration tools developed through ethnographic field studies. In Proceedings of the 2007 Symposium on CHIMIT, page 1–es. ACM.
Manning, C. and Schutze, H. (1999). Foundations of statistical natural language processing. MIT press.
Manning, C. D. (2008). Introduction to information retrieval. Syngress Publishing,.
Mikolov, T., Sutskever, I., Chen, K., Corrado, G., and Dean, J. (2013). Distributed representations of words and phrases and their compositionality. In Proceedings of the 26th International Conference on Neural Information Processing Systems - Volume 2, NIPS’13, page 3111–3119, Red Hook, NY, USA. Curran Associates Inc.
Nadeau, D. and Sekine, S. (2007). A survey of named entity recognition and classification. Lingvisticae Investigationes, 30(1):3–26.
Uc-Cetina, V., Navarro-Guerrero, N., and Martin-Gonzalez (2022). Survey on reinforcement learning for language processing. Artificial Intelligence Review.
Voronkov, A., Martucci, L. A., and Lindskog, S. (2019). System administrators prefer command line interfaces, don’t they? an exploratory study of firewall interfaces. In Fifteenth SOUPS. USENIX Association.
Published
2022-09-12
How to Cite
GOULART, José A. S.; F. JUNIOR, Washington L. M.; PAIM, Kayuã O.; LUNARDI, Gabriel M.; KREUTZ, Diego L.; MANSILHA, Rodrigo B..
FWNL: A Natural Language Processing System for Configuring Multiple Firewalls. In: TOOLS - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 22. , 2022, Santa Maria.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 119-126.
DOI: https://doi.org/10.5753/sbseg_estendido.2022.227035.
