Sciweavers

Share
CCS
2006
ACM

Dynamic rule-ordering optimization for high-speed firewall filtering

9 years 1 months ago
Dynamic rule-ordering optimization for high-speed firewall filtering
Packet filtering plays a critical role in many of the current high speed network technologies such as firewalls and IPSec devices. The optimization of firewall policies is critically important to provide high performance packet filtering particularly for high speed network security. Current packet filtering techniques exploit the characteristics of the filtering policies, but they do not consider the traffic behavior in optimizing their search data structures. This results in impractically high space complexity, which undermines the performance gain offered by these techniques. Also, these techniques offer upper bounds for the worst case search times; nevertheless, average case scenarios are not necessarily optimized. Moreover, the types of packet filtering fields used in most of these techniques are limited to IP header fields and cannot be generalized to cover transport and application layer filtering. In this paper, we present a novel technique that utilizes Internet traffic charac...
Hazem Hamed, Ehab Al-Shaer
Added 13 Oct 2010
Updated 13 Oct 2010
Type Conference
Year 2006
Where CCS
Authors Hazem Hamed, Ehab Al-Shaer
Comments (0)
books