Adaptive Firewall Strategy Generation and Optimization Based on Reinforcement Learning

Abstract

Traditional firewall systems use static rule sets, making them unsuitable for growing cyber threats and network circumstances. In this research, we automate firewall rule development and optimization using reinforcement learning (RL) to increase network security and reduce human setup. This paper introduces FireRL, a system that uses reinforcement learning to help make smart decisions about firewall rules by treating it like a Markov Decision Process, enabling an RL agent to learn good firewall rules from simulated network traffic. This proposed method utilizes the Deep Q-learning algorithm to balance throughput, latency, and threat mitigation via repeated improvement. Experiments are performed in benign and dangerous traffic situations. Firewalls outperform static firewalls because they quickly react to new threats and reduce false positives. Resistance to new attack vectors demonstrates the system's flexibility and resilience. This research concludes with a self-optimizing firewall approach that greatly lowers expert-led settings. FireRL's proactive and scalable RL-based defense is ideal for current cybersecurity.

References

Islam, M. S., Uddin, M. A., Hossain, D. M. D., Ahmed, D. M. S., & Moazzam, D. M. G. (2023). Analysis and evaluation of network and application security based on next generation firewall. International Journal of Computing and Digital Systems, 13(1), 193-202.

Madhloom, J. K., Noori, Z. H., Ebis, S. K., Hassen, O. A., & Darwish, S. M. (2023). An information security engineering framework for modeling packet filtering firewall using neutrosophic petri nets. Computers, 12(10), 202.

Adelard, C., & Penrod, O. (2023). Implementation of Network Security System Using Firewall Technology and Intrusion Detection System (IDS). Idea: Future Research, 1(3), 113-121.

Shaheed, A., & Kurdy, M. B. (2022). Web application firewall using machine learning and features engineering. Security and Communication Networks, 2022(1), 5280158.

Dawadi, B. R., Adhikari, B., & Srivastava, D. K. (2023). Deep learning technique-enabled web application firewall for the detection of web attacks. Sensors, 23(4), 2073.

Toprak, S., & Yavuz, A. G. (2022). Web application firewall based on anomaly detection using deep learning. Acta Infologica, 6(2), 219-244.

Bringhenti, D., Marchetto, G., Sisto, R., Valenza, F., & Yusupov, J. (2022). Automated firewall configuration in virtual networks. IEEE Transactions on Dependable and Secure Computing, 20(2), 1559-1576.

Farooq, M., Khan, R., & Khan, M. H. (2023). Stout implementation of firewall and network segmentation for securing IoT devices. Indian Journal of Science and Technology, 16(33), 2609-2621.

alkato, Amro ameid, and Yara sakhnini. “Advanced Real-Time Anomaly Detection and Predictive Trend Modelling in Smart Systems Using Deep Belief Networks Architectures.” PatternIQ Mining, vol. 2, no. 1, 24 Feb. 2025, https://doi.org/10.70023/sahd/250209. Accessed 20 Mar. 2025.

Praise, J. J., Muthukumaran, N., & Raj, R. J. S. A Novel Hybrid Security Framework (HSF) with Vshield Based Firewall to Secure Cloud Computing Environment.[11]Sepczuk, M. (2023). Dynamic web application firewall detection supported by cyber mimic defense approach. Journal of Network and Computer Applications, 213, 103596.

Rajasoundaran, S., Sivakumar, S. A., Devaraju, S., Pasha, M. J., & Lloret, J. (2024). A deep experimental analysis of energy‐proficient firewall policies and security practices for resource limited wireless networks. Security and Privacy, 7(6), e450.

Lee, J. K., Hong, T., & Lee, G. (2024). AI-Based Approach to Firewall Rule Refinement on High-Performance Computing Service Network. Applied Sciences, 14(11), 4373.

Leka, E., Lamani, L., Aliti, A., & Hoxha, E. (2024). Web Application Firewall for Detecting and Mitigation of Based DDoS Attacks Using Machine Learning and Blockchain. TEM Journal, 13(4).

Fadlil, A., Riadi, I., & Mu’Min, M. A. (2024). Mitigation from SQL Injection Attacks on Web Server using Open Web Application Security Project Framework. International Journal of Engineering, 37(4), 635-645.

Kouassi, T., Kamagate, B. H., Asseu, O., & Kermarrec, Y. (2024). Security Policy Model in a Hybrid Zachman-TOGAF Framework for a Telework Enterprise Architecture in a Cloud Environment. Open Journal of Safety Science and Technology, 14(3), 96-115.

https://www.kaggle.com/datasets/tunguz/internet-firewall-data-set

Authors

  • Minghong Yang
  • Zhenhua Yang
  • Qiwen Yang

DOI:

https://doi.org/10.31449/inf.v49i33.9363

Downloads

Published

09/10/2025

How to Cite

Yang, M., Yang, Z., & Yang, Q. (2025). Adaptive Firewall Strategy Generation and Optimization Based on Reinforcement Learning. Informatica, 49(33). https://doi.org/10.31449/inf.v49i33.9363

Issue

Vol. 49 No. 33 (2025): Online-only issue

Section

Online-only

License

I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.

I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.

In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.

I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal.  The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.


Copyright ©  Slovenian Society Informatika