A sequencing algorithm for filtering fields of firewall

Author

Liu, Bowen ; Wang, WeiPing ; Ji, Rong ; Shao, Hao ; Chen, Jiayao ; Chen, Heran ; Xu, Rui

Author_Institution

Sch. of Manage., Univ. of Sci. & Technol. of China, Hefei

fYear

2008

fDate

3-5 June 2008

Firstpage

2009

Lastpage

2012

Abstract

Firewall rules table is the foundation of firewall to filter data packets and it represents the enterprise security policy. However, firewall efficiency is usually compromised by ineffective configuration of firewall rules table. Traditional researches on the configuration of firewall rules table mainly concern two aspects: solving conflict of rules and sequencing rules. However, the results are not as prominent as expected. So we try to solve the problem from a fire - new perspective - filtering fields. In this paper, (1) we discuss the basis of sequencing filtering fields-capability of filtering (CF). (2) The formula for quantitatively weighting the CF is presented and (3) we provide the sequencing algorithm that sequences filtering fields by their CFs in descending order. Our experiments objectively demonstrate the superiority of the proposed method over conventional methods in terms of the efficiency of firewall.

Keywords

authorisation; computer networks; data packets; enterprise security policy; filtering fields; firewall rules table; sequencing algorithm; Data security; Filtering algorithms; IP networks; Large-scale systems; Matched filters; NP-hard problem; Optimization methods; Probability; Technology management; Tires;

fLanguage

English

Publisher

ieee

Conference_Titel

Industrial Electronics and Applications, 2008. ICIEA 2008. 3rd IEEE Conference on

Conference_Location

Singapore

Print_ISBN

978-1-4244-1717-9

Electronic_ISBN

978-1-4244-1718-6

Type

conf

DOI

10.1109/ICIEA.2008.4582873

Filename

4582873