Firewalls for servers and datacenters have been developed to defend against security attacks. Existing methods and algorithms for server and datacenter firewalls generally demand a significant amount of computing power and memory resources. Hence, they are not feasible for endpoints (e.g., clients), and especially not for constrained endpoints such as Internet-of-Things (IoT) clients. Furthermore, traditional firewalls do not scale with the size of the network and cannot handle a large IoT network with millions or billions of endpoints.
A known advanced firewall, such as a third-generation firewall based on the application layer (layer 7) of the Open Systems Interconnection (OSI) model, is able to detect when an unwanted application or service is attempting to bypass the firewall, or when a communication protocol is being abused by a malicious attacker. This firewall architecture builds extensive databases to store all previously known attack patterns and the knowledge of “from whom and where the attacks came.” These databases are very large (e.g., terabytes) and can grow quickly as more attacks occur. The sizes of such databases make them infeasible for IoT clients having limited resources. Therefore, there is a need for a reliable, effective and scalable firewall mechanism for networked devices.