Firewall packet filtering optimization using statistical traffic awareness test

Zouheir Trabelsi, Liren Zhang, Safaa Zeidan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

In this paper, we present a mechanism that utilizes network traffic behavior and packet filtering statistics to improve firewall performance. The proposed mechanism allows optimizing the filtering rules order and their corresponding fields order upon certain threshold qualification following the divergence of the traffic behavior. The current and previous traffic windows statistics are used to check the system stability using Chi-Square Test. The achieved gain in processing time compared to related mechanisms is due to minimizing the overhead corresponding to the frequency of updating the security policy rule/field structures.

Original languageEnglish
Title of host publicationInformation and Communications Security - 14th International Conference, ICICS 2012, Proceedings
Pages81-92
Number of pages12
DOIs
Publication statusPublished - 2012
Event14th International Conference on Information and Communications Security, ICICS 2012 - Hong Kong, China
Duration: Oct 29 2012Oct 31 2012

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7618 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other14th International Conference on Information and Communications Security, ICICS 2012
Country/TerritoryChina
CityHong Kong
Period10/29/1210/31/12

Keywords

  • Chi-square Test
  • Packet Classification
  • Rule Order
  • Rule-fields Order
  • System Stability

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Firewall packet filtering optimization using statistical traffic awareness test'. Together they form a unique fingerprint.

Cite this