• DocumentCode
    3512020
  • Title

    Efficient Algorithm for Detecting Firewall Rule Conflict

  • Author

    Xu Yan ; Wei Zhaoxia ; Tang Qingrong

  • Author_Institution
    Dept. of Microelectron. Technol., CDUESTC, Chengdu, China
  • fYear
    2013
  • fDate
    9-11 Sept. 2013
  • Firstpage
    340
  • Lastpage
    343
  • Abstract
    Conflict detection algorithm in the traditional firewall rules, increase when the number of firewall rules to a certain extent, the probability of conflict will increase, which will match the packets cause miscarriage of justice. In order to be able to quickly detect firewall rules in the conflict, this paper presents an improved rule of conflict detection algorithms (DBBV algorithm). The algorithm processes the rules on conflict detection using binary tree data structure, and one-dimensional intersection operation after operation, makes rules simpler to detect. Expression of flexibility in the rules, not due to a redundant operation, resulting in high time complexity. Through the analysis of algorithms, and verified by experiment, the algorithm efficiency significantly higher than traditional ASBV algorithm of conflict detection.
  • Keywords
    firewalls; tree data structures; DBBV algorithm; binary tree data structure; conflict probability; firewall rule conflict detection; one-dimensional intersection operation; time complexity; Algorithm design and analysis; Binary trees; Classification algorithms; Detection algorithms; Time complexity; Vectors; DBBV algorithm; firewall rule conflict; the bit vector;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligent Networking and Collaborative Systems (INCoS), 2013 5th International Conference on
  • Conference_Location
    Xi´an
  • Type

    conf

  • DOI
    10.1109/INCoS.2013.63
  • Filename
    6630434
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3512020