A traffic-aware top-N firewall approximation algorithm

Ho Yu Lam, Donghan Wang, H. Jonathan Chao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Packet classification is widely used in various network security and operation applications. Two of the main challenges are the increasing number of classification rules, amount of traffic and network line speed. In this paper, we investigate an approximation algorithm for selecting the top- N most frequently matched subset of rules from the original ruleset. The goal is to obtain Top-N rules that covers as much traffic as possible while preserving the dependency relationships. Through simulations, we show that our approaches the optimal while runs in seconds, allowing online adaptation to changing traffic patterns.

Original languageEnglish (US)
Title of host publication2011 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2011
Pages1036-1041
Number of pages6
DOIs
StatePublished - 2011
Event2011 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2011 - Shanghai, China
Duration: Apr 10 2011Apr 15 2011

Publication series

Name2011 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2011

Other

Other2011 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2011
Country/TerritoryChina
CityShanghai
Period4/10/114/15/11

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Communication

Fingerprint

Dive into the research topics of 'A traffic-aware top-N firewall approximation algorithm'. Together they form a unique fingerprint.

Cite this