Central-managed security mechanisms are often utilized in many organizations, but such server is also a security breaking point. This is because the server has the authority for all nodes that share the security protection. Hence if the attackers successfully tamper the server, the organization will be in trouble. Also, the settings and policies saved on the server are usually not cryptographically secured and ensured with hash. Thus, changing the settings from alternative way is feasible, without causing the security solution to raise any alarms. To mitigate these issues, in this work, we develop BlockFW - a blockchain-based rule sharing firewall to create a managed security mechanism, which provides validation and monitoring from multiple nodes. For BlockFW, all occurred transactions are cryptographically protected to ensure its integrity, making tampering attempts in utmost challenging for attackers. In the evaluation, we explore the performance of BlockFW under several adversarial conditions and demonstrate its effectiveness.

翻译：摘要：在诸多组织中，中央管理的安全机制常被采用，但此类服务器本身也是安全突破口。这是因为该服务器对所有共享安全防护的节点拥有管理权限。因此，若攻击者成功篡改服务器，组织将陷入困境。此外，保存在服务器上的设置与策略通常未采用加密保护及哈希校验。因此，通过其他途径更改设置是可行的，且不会引发安全解决方案发出任何警报。为缓解这些问题，本研究中我们开发了BlockFW——一种基于区块链的规则共享防火墙，用以创建一种由多节点提供验证与监控的管理安全机制。在BlockFW中，所有发生的交易均受密码学保护以确保其完整性，使攻击者的篡改尝试变得极其困难。在评估中，我们探究了BlockFW在多种对抗条件下的性能，并证明了其有效性。