Title :
Firewall performance optimization using data mining techniques
Author :
Mustafa, Umniya ; Masud, M.M. ; Trabelsi, Z. ; Wood, Tim ; Al Harthi, Zainab
Author_Institution :
Dept. of Comput. Sci., George Washington Univ., Washington, DC, USA
Abstract :
This paper presents a novel approach to improve firewall performance using data mining techniques. A traditional packet filtering firewall compares a packet against each filtering rule until a match is found. The filtering rules are stored as a rule list. Therefore, the time required to process a packet depends linearly on the number of filtering rules. This time can be prohibitively large for a firewall containing hundreds of rules and the firewall can be a bottleneck for the network if high bandwidth is required. To enhance the firewall performance, we propose a data mining solution. In this approach, instead of comparing the packet with each of the filtering rules, the firewall predicts which rule is most likely going to match the packet. This significantly reduces the processing time taken by the firewall to filter each packet and thus improves its performance. Comparisons were made between the cumulative processing time taken by a standard firewall and the enhanced firewall with data mining to process millions of packets. Compared to the standard firewall, the enhanced firewall took 40% less time in processing the packets.
Keywords :
data mining; firewalls; performance evaluation; cumulative processing time; data mining solution; data mining techniques; filtering rules; firewall performance optimization; network bandwidth; packet filtering firewall; processing time; Accuracy; Data mining; Filtering; IP networks; Standards; Training; Training data; Firewall; data mining; decision-tree; packet filtering; performance optimization;
Conference_Titel :
Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International
Conference_Location :
Sardinia
Print_ISBN :
978-1-4673-2479-3
DOI :
10.1109/IWCMC.2013.6583682
