Self-adjusting binary search trees
Journal of the ACM (JACM)
Scalable high speed IP routing lookups
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Packet classification using tuple space search
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Scalable packet classification
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Packet classification in large ISPs: design and evaluation of decision tree classifiers
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Dynamic rule-ordering optimization for high-speed firewall filtering
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Traffic-Adaptive Packet Filtering of Denial of Service Attacks
WOWMOM '06 Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks
Firewall Rules Sorting Based on Markov Model
ISDPE '07 Proceedings of the The First International Symposium on Data, Privacy, and E-Commerce
Firewall Rule Ordering Based on Statistical Model
ICCET '09 Proceedings of the 2009 International Conference on Computer Engineering and Technology - Volume 02
Complete redundancy detection in firewalls
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
On Dynamic Optimization of Packet Matching in High-Speed Firewalls
IEEE Journal on Selected Areas in Communications
Algorithms for packet classification
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
In this paper, we present a mechanism that utilizes network traffic behavior and packet filtering statistics to improve firewall performance. The proposed mechanism allows optimizing the filtering rules order and their corresponding fields order upon certain threshold qualification following the divergence of the traffic behavior. The current and previous traffic windows statistics are used to check the system stability using Chi-Square Test. The achieved gain in processing time compared to related mechanisms is due to minimizing the overhead corresponding to the frequency of updating the security policy rule/field structures.