Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Conference on Information and Communications Security

ICICS 2012: Information and Communications Security pp 81–92Cite as

  1. Home
  2. Information and Communications Security
  3. Conference paper
Firewall Packet Filtering Optimization Using Statistical Traffic Awareness Test

Firewall Packet Filtering Optimization Using Statistical Traffic Awareness Test

  • Zouheir Trabelsi18,
  • Liren Zhang18 &
  • Safaa Zeidan18 
  • Conference paper
  • 2004 Accesses

  • 2 Citations

Part of the Lecture Notes in Computer Science book series (LNSC,volume 7618)

Abstract

In this paper, we present a mechanism that utilizes network traffic behavior and packet filtering statistics to improve firewall performance. The proposed mechanism allows optimizing the filtering rules order and their corresponding fields order upon certain threshold qualification following the divergence of the traffic behavior. The current and previous traffic windows statistics are used to check the system stability using Chi-Square Test. The achieved gain in processing time compared to related mechanisms is due to minimizing the overhead corresponding to the frequency of updating the security policy rule/field structures.

Keywords

  • Packet Classification
  • Rule Order
  • Rule-fields Order
  • System Stability
  • Chi-square Test

Download conference paper PDF

References

  1. Trabelsi, Z., Zhang, L., Zeidan, S.: Packet Flow Histograms to Improve Firewall Efficiency. In: ICICS (December 2011)

    Google Scholar 

  2. Trabelsi, Z., Zeidan, S.: Multilevel Early Packet Filtering Technique based on Traffic Statistics and Splay Trees for Firewall Performance Improvement. In: ICC (June 2012)

    Google Scholar 

  3. Lan, K., Heidemann, J.: On the correlation of internet flow characteristics. Technical Report ISI-TR-574, USC/ISI (2003)

    Google Scholar 

  4. El-Atawy, A., Samak, T., Al-Shaer, E., Li, H.: Using online traffic statistical matching for optimizing packet filtering performance. In: IEEE INFOCOM 2007, pp. 866–874 (2007)

    Google Scholar 

  5. Gupta, P., McKeown, N.: Algorithms for packet classification. IEEE Network 15(2), 24–32 (2001)

    CrossRef  Google Scholar 

  6. Baboescu, F., Varghese, G.: Scalable packet classification. In: ACM SIGCOMM 2001 (2001)

    Google Scholar 

  7. McAulay, A.J., Francis, P.: Fast routing table lookup using CAMs. In: IEEE INFOCOM 1993 (March 1993)

    Google Scholar 

  8. Srinivasan, V., Suri, S., Varghese, G.: Packet classification using tuple space search. In: Computer ACM SIGCOMM Communication Review, pp. 135–146 (October 1999)

    Google Scholar 

  9. Feldmann, A., Muthukrishnan, S.: Tradeoffs for packet classification. In: IEEE INFOCOM 2000 (March 2000)

    Google Scholar 

  10. Gupta, P., McKeown, N.: Packet classification using hierarchical intelligent cuttings. In: Interconnects VII (August 1999)

    Google Scholar 

  11. Cohen, E., Lund, C.: Packet classification in large isps: design and evaluation of decision tree classifiers. In: SIGMETRICS 2005: Proceedings of the 2005 ACM SIGMETRIC International Conference on Measurement and Modeling of Computer Systems, pp. 73–84. ACM Press, New York (2005)

    CrossRef  Google Scholar 

  12. Woo, T.Y.C.: A modular approach to packet classification: Algorithms and results. In: IEEE INFOCOM 2000, pp. 1213–1222 (March 2000)

    Google Scholar 

  13. Gupta, P., Prabhakar, B., Boyd, S.: Near optimal routing lookups with bounded worst case performance. In: IEEE INFOCOM 2000 (2000)

    Google Scholar 

  14. Kencl, L., Schwarzer, C.: Traffic-adaptive packet filtering of denial of service attacks. In: WOWMOM 2006: The 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks, Washington, DC, USA, pp. 485–489 (2006)

    Google Scholar 

  15. Acharya, S., Abliz, M., Mills, B., Znati, T.F.: Optwall: a hierarchical traffic-aware firewall. In: Proceedings of 14th Annual Network & Distributed System Security Symposium (NDSS), San Diego, US (February 2007)

    Google Scholar 

  16. Hamed, H., Al-shear, E.: Dynamic Rule-ordering optimization for High-speed Firewall Filtering. In: ASIACCs 2006, Tuipei, Taiwam, March 21-24 (2006)

    Google Scholar 

  17. Hamed, H., El-Atawy, A., Al-Shaer, E.: On Dynamic Optimization of Packet Matching in High-Speed Firewalls. IEEE Journal on Selected Areas in Communications 24(10) (October 2006)

    Google Scholar 

  18. Al-Shear, E., El-Atawy, A., Tran, T.: Adaptive Early Packet filtering for Defending firewalls against DoS Attack. In: Proceeding of IEEE INFOCOM, pp. 1–9 (2009)

    Google Scholar 

  19. Waldvogel, M., Varghese, G., Turner, J., Plattner, B.: Scalable High Speed IP Routing Lookups. In: Proceedings of the ACM SIGCOMM (SIGCOMM 1997), pp. 25–36 (1997)

    Google Scholar 

  20. Sleator, D., Tarjan, R.: Self Adjusting Binary Search Trees. Journal of the ACM 32(3), 652–686 (1985)

    CrossRef  MathSciNet  MATH  Google Scholar 

  21. Neji, N., Bouhououla, A.: Dynamic Scheme for Packet Classification Using Splay trees. Information Assurance and Security, 1–9 (2009)

    Google Scholar 

  22. Hamed, H., El-Atawy, A., Al-Shaer, E.: Adaptive statistical optimization techniques for firewall packet filtering. In: IEEE INFOCOM 2006 (April 2006)

    Google Scholar 

  23. Mothersole, I., Reed, M.: Optimizing Rule Order for a Packet Filtering Firewall. In: SAR-SSI (2011)

    Google Scholar 

  24. Wang, W., Chen, H., Chen, J., Liu, B.: Firewall rule Ordering based on statistical Model. In: International Conference on Computer Enginnering and Technology (2009)

    Google Scholar 

  25. Wang, W., Ji, R., Chen, W., Chen, B., Li, Z.: Firewall Rules Sorting Baseb on Markov Model. In: Procedings of the International Symposium on Data Privacy and E-Comerce (2007)

    Google Scholar 

  26. Liu, A., Gouda, M.: Complete Redundancy Detection in Firewalls. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 193–206. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Information Technology, UAE University, Al-Ain, UAE

    Zouheir Trabelsi, Liren Zhang & Safaa Zeidan

Authors
  1. Zouheir Trabelsi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liren Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Safaa Zeidan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, The University of Hong Kong, Room 519, 5/F, Haking Building, Pokfulam Road, 852, Hong Kong, China

    Tat Wing Chim

  2. Department of Computer Science, The University of Hong Kong, Room 519, 5/F, Haking Wong Building, Pokfulam Road, 852, Hong Kong, China

    Tsz Hon Yuen

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Trabelsi, Z., Zhang, L., Zeidan, S. (2012). Firewall Packet Filtering Optimization Using Statistical Traffic Awareness Test. In: Chim, T.W., Yuen, T.H. (eds) Information and Communications Security. ICICS 2012. Lecture Notes in Computer Science, vol 7618. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34129-8_8

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-34129-8_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34128-1

  • Online ISBN: 978-3-642-34129-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature