Collaborative firewalling in wireless networks

Firewalls are one of the essential security elements for enforcing access policies in computer networks. Open network architecture, a shared wireless medium, stringent resource constraints, and highly dynamic network topology impose a new set of challenges on deploying firewalls in a mobile wireless environment. The current state of the art calls for self-protection by a personal (i.e., local) firewall on each node; however, this requires all unwanted traffic to travel all the way to the node before it is discarded at the destination. In a network with multi-hop routing, this wastes considerable bandwidth and power on every node along the path, especially if a node is under a denial-of-service (DoS) attack. In this paper, we develop a novel distributed firewalling scheme for wireless networks in which nodes collaboratively perform packet filtering to address this resource squandering. The proposed scheme introduces techniques to distribute discarding rules based on both proactive and reactive routing protocols. It also proposes efficient rule placement mechanisms to maximize the number of packets discarded remotely before they reach the destination and to minimize the number of unwanted packet forwardings. The scheme is evaluated through various simulation scenarios. The simulation results show that by distributing only 1% of the rules, about 42% of the unwanted traffic is discarded before it reaches the destination, which saves significant network resources. Saving about 30% of the wasted bandwidth can be crucial for the performance of a wireless network.