Automation testing of firewall using Scapy / Fatin Nur Amirah Rohimi

Firewall tests must be performed to verify that the firewall works as specified. A test case generation approach is built in this project, identifying test cases based on the rule sequence of the firewall and using a real traffic database to prepare test packets. Test packets can be used or inserted to check if the design of the firewall is incorrect, i.e. the rules do not suit the firewall actions. Although literature accepts injection-based firewall testing as an inefficient way to test firewall implementations, no alternative method has yet been developed. Most academic work focuses on checking firewall rules where the implementation of firewall is error-free. Even if the implementation of the firewall is error-free, it is possible to hack and program a firewall to act differently from the intended security policy. In that case, testing based on real-time injection is one of the ways of revealing the breach of security. Automation testing is a technique for software testing to test and compare the actual results with the expected results. This can be done by writing the test script or by using any testing tool for automation. Test automation is used to automate recurring tasks that are hard to perform manually.