Visible to the public Quantifying the Security Effectiveness of Firewalls and DMZs


Huashan Chen is a second-year PhD student in the Department of Computer Science, University of Texas at San Antonio. He received the MS degree in 2016 from the Institute of Information Engineering, Chinese Academy of Sciences. His primary research interests are in cybersecurity, especially moving target defense and security metrics.


Firewalls and Demilitarized Zones (DMZs) are two mechanisms that have been widely employed to secure enterprise networks. Despite this, their security effectiveness has not been systematically quantified. In this paper, we make a first step towards filling this void by presenting a representational framework for investigating their security effectiveness in protecting enterprise networks. Through simulation experiments, we draw useful insights into the security effectiveness of firewalls and DMZs. To the best of our knowledge, these insights were not reported in the literature until now.



Creative Commons 2.5

Other available formats:

Quantifying the Security Effectiveness of Firewalls and DMZs
Switch to experimental viewer