DocumentCode
1603411
Title
Packet flow histograms to improve firewall efficiency
Author
Trabelsi, Zouheir ; Zhang, Liren ; Zeidan, Safaa
Author_Institution
Fac. of Inf. Technol., UAE Univ., Al Ain, United Arab Emirates
fYear
2011
Firstpage
1
Lastpage
5
Abstract
This paper presents a novel mechanism based on the histograms of packet filtering, which are able to effectively monitor firewall performance in real-time and to predict the patterns of packet filtering in terms of rules order and rule-fields order. Furthermore, the mechanism becomes even more significant when firewall is heavily loaded with burst traffic. A comparison of the proposed approach and the other conventional approaches, including static rule order approach and dynamic rule order approach is presented.
Keywords
authorisation; computer network security; telecommunication traffic; burst traffic; dynamic rule order approach; firewall efficiency; packet filtering; packet flow histograms; rule-fields order; static rule order approach; Equations; Filtering; Fires; Histograms; Optimization; Pattern matching; Security; firewall early rejection; optimization of rule-fields ordering; optimization of rules ordering; packet flow matching histogram;
fLanguage
English
Publisher
ieee
Conference_Titel
Information, Communications and Signal Processing (ICICS) 2011 8th International Conference on
Conference_Location
Singapore
Print_ISBN
978-1-4577-0029-3
Type
conf
DOI
10.1109/ICICS.2011.6173600
Filename
6173600
Link To Document