Research on self-learning method on generation and optimization of industrial firewall rules

In order to make the rule setting more convenient, this paper presents a self-learning method on the generation and optimization of industrial firewall rules. This method includes three parts: packet preprocessing, rule self-learning and rule optimization. First, packet capturing and analysis accomplish the data preprocessing; Secondly, by using the self-learning module, this method generates the firewall rule set. Finally, the rule set is optimized to reduce the number of rules and shorten the packet matching length. Experiments and comparative results show that the proposed method meet effectiveness and real-time requirements of industrial control system communication control.