Scalable high speed IP routing lookups
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Fast and scalable layer four switching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
High-speed policy-based packet forwarding using efficient multi-dimensional range matching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
The computational beauty of nature
The computational beauty of nature
Packet classification using tuple space search
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Introduction to Algorithms
Packet classification using multidimensional cutting
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Intrusion Detection
Traffic-Adaptive Packet Filtering of Denial of Service Attacks
WOWMOM '06 Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks
Applying a data mining method for intrusion detection
CompSysTech '07 Proceedings of the 2007 international conference on Computer systems and technologies
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Algorithms for packet classification
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
A firewall is a security guard placed at the point of entry between a private network and the outside network. The function of a firewall is to accept or discard the incoming packets passing through it based on the rules in a ruleset. Approaches employing Neural networks for packet filtering in firewall and packet classification using 2D filters have been proposed in the literature. These approaches suffer from the drawbacks of acceptance of packets from the IP address or ports not specified in the firewall rule set and a restricted search in the face of multiple occurrences of the same IP address or ports respectively. In this paper we propose an Ant Colony Optimization (ACO) based approach for packet filtering in the firewall rule set. Termed Ant Colony Optimization Packet Filtering algorithm (ACO-PF), the scheme unlike its predecessors, considers all multiple occurrences of the same IP address or ports in the firewall rule set during its search process. The other parameters of the rule matching with the compared IP address or ports in the firewall ruleset are retrieved and the firewall decides whether the packet has to be accepted or rejected. Also this scheme has a search space lesser than that of binary search in a worst case scenario. It also strictly filters the packets according to the filter rules in the firewall rule set. It is shown that ACO-PF performs well when compared to other existing packet filtering methods. Experimental results comparing the performance of the ACO-PF scheme with the binary search scheme, sequential search scheme and neural network based approaches are presented.