TY - GEN
T1 - Firewall performance optimization using data mining techniques
AU - Mustafa, Umniya
AU - Masud, Mohammad M.
AU - Trabelsi, Zouheir
AU - Wood, Timothy
AU - Al Harthi, Zainab
PY - 2013/9/16
Y1 - 2013/9/16
N2 - This paper presents a novel approach to improve firewall performance using data mining techniques. A traditional packet filtering firewall compares a packet against each filtering rule until a match is found. The filtering rules are stored as a rule list. Therefore, the time required to process a packet depends linearly on the number of filtering rules. This time can be prohibitively large for a firewall containing hundreds of rules and the firewall can be a bottleneck for the network if high bandwidth is required. To enhance the firewall performance, we propose a data mining solution. In this approach, instead of comparing the packet with each of the filtering rules, the firewall predicts which rule is most likely going to match the packet. This significantly reduces the processing time taken by the firewall to filter each packet and thus improves its performance. Comparisons were made between the cumulative processing time taken by a standard firewall and the enhanced firewall with data mining to process millions of packets. Compared to the standard firewall, the enhanced firewall took 40% less time in processing the packets.
AB - This paper presents a novel approach to improve firewall performance using data mining techniques. A traditional packet filtering firewall compares a packet against each filtering rule until a match is found. The filtering rules are stored as a rule list. Therefore, the time required to process a packet depends linearly on the number of filtering rules. This time can be prohibitively large for a firewall containing hundreds of rules and the firewall can be a bottleneck for the network if high bandwidth is required. To enhance the firewall performance, we propose a data mining solution. In this approach, instead of comparing the packet with each of the filtering rules, the firewall predicts which rule is most likely going to match the packet. This significantly reduces the processing time taken by the firewall to filter each packet and thus improves its performance. Comparisons were made between the cumulative processing time taken by a standard firewall and the enhanced firewall with data mining to process millions of packets. Compared to the standard firewall, the enhanced firewall took 40% less time in processing the packets.
KW - Data mining
KW - Decision-tree
KW - Firewall
KW - Packet filtering
KW - Performance optimization
UR - http://www.scopus.com/inward/record.url?scp=84883697147&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84883697147&partnerID=8YFLogxK
U2 - 10.1109/IWCMC.2013.6583682
DO - 10.1109/IWCMC.2013.6583682
M3 - Conference contribution
AN - SCOPUS:84883697147
SN - 9781467324793
T3 - 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
SP - 934
EP - 940
BT - 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
T2 - 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
Y2 - 1 July 2013 through 5 July 2013
ER -