The Firewall Like Program (FLP) is the third and bottom layer of the HSS. This layer is the firewall that protects each module from malicious intent. The FLP layer is not physically in the same location as the other two layers. It consists of three components: the “configuration file”, the “filter”, the “firewall like program communication”, and the “Firewall Like Program Independent Log” (FLPIL). The components assigned to the FLP allow it to run independently from the rest of the layers on a separate module. Because it functions independently, the program will continue to run "normally" without being in contact with the HSP and HSS.
The stateless firewalls are the original FLPs, which follow strict filtering rules that are static. When a packet requests to enter one of these firewalls, the filter requests a key exchange. The filter can either match the key or not match the key. If the keys match, the FLP will grant the packet access to the module. If the filter cannot match the keys, the firewall will drop the packet and continue filtering other packets.
Stateful FLPs are considered the "smart firewalls". These FLPs are dynamic stateful firewalls that watch each packet and keep track of what is passing through their filters. When a packet requests to enter, the stateful FLP performs the same function as the stateless FLP but also understands the behavior of that packet. When filtering, the smart firewall keeps a log of each packet and evaluates whether it is a malicious packet or not. It will also catch rogue packets that are trying to mask themselves as normal packets. Once a rogue packet is unmasked, the smart FLP will flag it and share that information with the HSP layer and all the other FLPs.
Originally, the Hybrid Security System’s architecture used only stateless firewalls. With this architecture, the security system was susceptible to the vulnerabilities found in stateless firewalls. If an attacker compromised a stateless FLP, the compromised FLP would not be able to mitigate the attack. To combat this vulnerability in the FLP, stateful firewalls would replace all FLPs assigned to modules that are external gateways for the vehicular network. These modules would include Bluetooth, WiFi, and wireless sensors.
When a packet passes through a stateful FLP, the FLP will understand whether the packet is trusted or untrusted. If the packet is trusted, the FLP will allow it to pass through. If the packet is unknown or has requested access over ‘x’ amount of times, the FLP will block the packet and generate an error ticket to the FLP Independent Log, and a flag is generated, eventually causing a system-wide blacklist.
The HSS flag system has two types of flags that can be generated. The first flag is the Yellow Flag. The yellow flag is generated when ‘x’ amount of packets from the same source are dropped. When a yellow flag is generated, it is sent to the Flag Log in the HSS layer. If the Flag Log receives ‘x’ amount of yellow flags, the HSP will generate a Black Flag.
When a black flag is generated, it generates a filtering rule update that adds the malicious packet source to the block table. This rule is then sent to every FLP on the network, alerting every FLP to the rogue packet.
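The yellow-to-black flag escalation described above can be modeled in a few lines of Python. This is an added example, not code from the original article or from the HSS itself. The class and method names, the module and source names, and both threshold values (the article only says ‘x’) are assumptions, and the Flag Log is kept inside the HSP object for brevity.

```python
from collections import defaultdict

# Assumed thresholds: the article only says 'x'; these values are placeholders.
DROP_THRESHOLD = 3     # dropped packets from one source -> one yellow flag
YELLOW_THRESHOLD = 2   # yellow flags for one source -> black flag

class HSP:
    """Hypothetical model: keeps the Flag Log and pushes rule updates to FLPs."""
    def __init__(self):
        self.flps = []
        self.flag_log = defaultdict(list)   # source -> FLPs that raised a yellow flag
        self.black_flags = set()

    def yellow_flag(self, source, reporter):
        self.flag_log[source].append(reporter)
        if source in self.black_flags or len(self.flag_log[source]) < YELLOW_THRESHOLD:
            return
        self.black_flags.add(source)        # black flag: filtering rule update
        for flp in self.flps:               # sent to every FLP on the network
            flp.block_table.add(source)

class FLP:
    """Hypothetical stateful FLP guarding one module."""
    def __init__(self, name, trusted, hsp):
        self.name, self.trusted, self.hsp = name, set(trusted), hsp
        self.block_table = set()
        self.drops = defaultdict(int)       # per-source state kept by the filter
        self.flpil = []                     # FLP Independent Log (error tickets)
        hsp.flps.append(self)

    def handle(self, source):
        """Return True if the packet is allowed through to the module."""
        if source in self.block_table:
            return False
        if source in self.trusted:
            return True
        self.drops[source] += 1
        self.flpil.append(f"dropped packet from {source}")
        if self.drops[source] % DROP_THRESHOLD == 0:
            self.hsp.yellow_flag(source, self.name)
        return False

def simulate(attacker="node-x"):
    """Constructed scenario: one unknown source probes two gateway FLPs."""
    hsp = HSP()
    flps = [FLP(n, {"ecu-1"}, hsp) for n in ("bluetooth", "wifi", "sensor")]
    for flp in flps[:2]:
        for _ in range(DROP_THRESHOLD):
            flp.handle(attacker)
    return hsp, flps
```

In the constructed scenario the third FLP never sees the unknown source, yet it ends up with that source in its block table once the black flag is raised.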
Applying this newer implementation for the FLPs mitigates the chance of a successful attack, due to the alert system that has been developed. If an FLP is compromised, it will not understand that it is down. Fortunately, if that attack reaches a neighboring stateful FLP, that FLP will likely be able to understand the rogue packet and start the process of the flags. The paragraph below will give a protocol of how the flag system will work.
- "A Threat to Vehicular Cyber Security and The Urgency for Correction"
All Rights Reserved by AutoNetSecurity