Title :
A sequencing algorithm for filtering fields of firewall
Author :
Liu, Bowen ; Wang, WeiPing ; Ji, Rong ; Shao, Hao ; Chen, Jiayao ; Chen, Heran ; Xu, Rui
Author_Institution :
Sch. of Manage., Univ. of Sci. & Technol. of China, Hefei
Abstract :
Firewall rules table is the foundation of firewall to filter data packets and it represents the enterprise security policy. However, firewall efficiency is usually compromised by ineffective configuration of firewall rules table. Traditional researches on the configuration of firewall rules table mainly concern two aspects: solving conflict of rules and sequencing rules. However, the results are not as prominent as expected. So we try to solve the problem from a fire - new perspective - filtering fields. In this paper, (1) we discuss the basis of sequencing filtering fields-capability of filtering (CF). (2) The formula for quantitatively weighting the CF is presented and (3) we provide the sequencing algorithm that sequences filtering fields by their CFs in descending order. Our experiments objectively demonstrate the superiority of the proposed method over conventional methods in terms of the efficiency of firewall.
Keywords :
authorisation; computer networks; data packets; enterprise security policy; filtering fields; firewall rules table; sequencing algorithm; Data security; Filtering algorithms; IP networks; Large-scale systems; Matched filters; NP-hard problem; Optimization methods; Probability; Technology management; Tires;
Conference_Titel :
Industrial Electronics and Applications, 2008. ICIEA 2008. 3rd IEEE Conference on
Conference_Location :
Singapore
Print_ISBN :
978-1-4244-1717-9
Electronic_ISBN :
978-1-4244-1718-6
DOI :
10.1109/ICIEA.2008.4582873
