Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Adaptive Statistical Optimization Techniques for Firewall Packet Filtering

Summary: 1
Adaptive Statistical Optimization Techniques for
Firewall Packet Filtering
Hazem Hamed, Adel El-Atawy, Ehab Al-Shaer
School of Computer Science, DePaul University, Chicago, USA
Abstract-- Packet filtering plays a critical role in the perfor-
mance of many network devices such as firewalls, IPSec gateways,
DiffServ and QoS routers. A tremendous amount of research was
proposed to optimize packet filters. However, most of the related
works use deterministic techniques and do not exploit the traffic
characteristics in their optimization schemes. In addition, most
packet classifiers give no specific consideration for optimizing
packet rejection, which is important for many filtering devices
like firewalls.
Our contribution in this paper is twofold. First, we present a
novel algorithm for maximizing early rejection of unwanted flows
without impacting other flows significantly. Second, we present
a new packet filtering optimization technique that uses adaptive
statistical search trees to utilizes important traffic characteristics
and minimize the average packet matching time. The proposed


Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University


Collections: Computer Technologies and Information Sciences