Firewall and packet filters

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on your organization's pre-determined security policies. Basically, a firewall is basically a barrier between your private internal network and the public Internet.

Packet filtering is a firewall technology used to monitor outgoing and incoming packets and control network access by allowing or stopping packets based on source and destination IP addresses, protocols, and ports.

Firewalls have been the first and most reliable line of defense in network security for over 30 years. Firewalls first appeared in the late 1980s. They were initially thought of as packet filters. These packet filters were nothing more than network settings between computers. The main function of these packet filtering firewalls was to look for packets or bytes sent between different computers. Although firewalls are becoming more sophisticated due to ongoing development, such packet filter firewalls are still used in legacy systems. When technology was introduced, GilShwed of Check Point Technologies introduced the first stateful inspection firewall in 1993. It was named FireWall1. In 2000, Netscreen released a dedicated firewall appliance. With faster internet speeds, lower latency, and higher throughput at lower cost, it became popular and was quickly adopted by businesses.

How a Firewall Protects a Network?

The firewall system analyzes network traffic based on predefined rules. Then filter the traffic to prevent it from coming from untrusted or suspicious sources. Allow only inbound traffic that is configured to accept. Normally, a firewall intercepts network traffic at a computer entry point called a port. Firewalls perform this task by allowing or blocking certain data packets (a unit of communication sent over a digital network) based on predefined security rules. Inbound traffic is only allowed from trusted IP addresses or sources.

Pearson Chi-square test

Chi-square (χ2) test for independence (Pearson Chi-square test)

· In a contingency table, the Chi-square test is a non-parametric (distribution-free) approach for comparing the association between two categorical (nominal) variables.

· If we have distinct treatments (treated and non-treated) and different treatment outcomes (cured and non-cured), we can apply the chi-square test for independence to see if treatments are connected to treatment outcomes.

· Because the Chi-square test is based on approximation (it returns an approximate p value), it necessitates a higher sample size. For more than 20% of cells, the anticipated frequency count should not be less than 5. If the sample size is tiny, the chi-square test is ineffective, and Fisher's exact test should be used instead.

· The chi-square independence test is not the same as the chi-square goodness of fit test.

Formula

Hypotheses for Chi-square test for independence

· The two category variables are independent, according to the null hypothesis (no association between the two variables) (H0: Oi = Ei)

· Hypothesis #2(alternate hypothesis): The two categorical variables are interdependent (there is an association between the two variables) ( Ha: Oi ≠ Ei )

· There is no one-tailed or two-tailed p value. The chi-square test's rejection zone is always on the right side of the distribution.



Chi-square test assumption

· Data is randomly sampled and the two variables are categorical (nominal).

· The levels of the variables are mutually exclusive.

· A contingency table's predicted frequency count for at least 80% of the cells is at least 5. For modest frequency counts, Fisher's exact test is appropriate.

· The predicted frequency count must be at least one.

· Observations should be separate from one another. Observation data should be frequency counts and not percentages, proportions or transformed data