Skip to main content

Research Repository

Advanced Search

Improving cloud network security using the Tree-Rule firewall

He, Xiangjian; Chomsiri, Thawatchai; Nanda, Priyadarsi; Tan, Zhiyuan


Xiangjian He

Thawatchai Chomsiri

Priyadarsi Nanda


This study proposes a new model of firewall called the ‘Tree-Rule Firewall’, which offers various benefits and is applicable for large networks such as ‘cloud’ networks. The recently available firewalls (i.e., Listed-Rule firewalls) have their limitations in performing the tasks and are inapplicable for working on some networks with huge firewall rule sizes. The Listed-Rule firewall is mathematically tested in this paper to prove that the firewall potentially causes conflict rules and redundant rules and hence leads to problematic network security systems and slow functional speed. To overcome these problems, we show the design and development of Tree-Rule firewall that does not create conflict rules and redundant rules. In a Tree-Rule firewall, the rule positioning is based on a tree structure instead of traditional rule listing. To manage firewall rules, we implement a Tree-Rule firewall on the Linux platform and test it on a regular network and under a cloud environment respectively to show its performance. It is demonstrated that the Tree-Rule firewall offers better network security and functional speed than the Listed-Rule firewall. Compared to the Listed-Rule firewall, rules of the Tree-Rule firewall are easier to be created, especially on a large network such as a cloud network.


He, X., Chomsiri, T., Nanda, P., & Tan, Z. (2014). Improving cloud network security using the Tree-Rule firewall. Future Generation Computer Systems, 30, 116-126.

Journal Article Type Article
Acceptance Date Jun 28, 2013
Online Publication Date Jul 26, 2013
Publication Date 2014-01
Deposit Date Nov 15, 2016
Journal Future Generation Computer Systems
Print ISSN 0167-739X
Publisher Elsevier
Peer Reviewed Peer Reviewed
Volume 30
Pages 116-126
Keywords Firewall; Tree-Rule firewall; Network security; Cloud security; Cloud computing
Public URL