DocumentCode :
533427
Title :
A traffic-aware top-N firewall ruleset approximation algorithm
Author :
Lam, Ho-Yu ; Wang, Donghan Jarod ; Chao, H. Jonathan
Author_Institution :
Dept. of Electr. & Comput. Eng., Polytech. Inst. of New York Univ., Brooklyn, NY, USA
fYear :
2010
fDate :
25-26 Oct. 2010
Firstpage :
1
Lastpage :
2
Abstract :
Packet classification is widely used in various network security and operation applications. Two of the main challenges are the increasing number of classification rules, amount of traffic and network line speed. In this poster, we investigate an approximation algorithm for selecting the top-N most frequently matched subset of rules from the original ruleset. Through simulations, we show that our approaches the optimal while runs in seconds, allowing online adaptation to changing traffic patterns.
Keywords :
approximation theory; computer network security; classification rules; network security; packet classification; traffic-aware top-N firewall ruleset approximation algorithm; Approximation algorithms; Approximation methods; Fires; Heuristic algorithms; Optimization; Security; USA Councils; Algorithms; Design; Packet Classification; Security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Architectures for Networking and Communications Systems (ANCS), 2010 ACM/IEEE Symposium on
Conference_Location :
La Jolla, CA
Print_ISBN :
978-1-4244-9127-8
Electronic_ISBN :
978-1-4503-0379-8
Type :
conf
Filename :
5623844
Link To Document :
بازگشت