A traffic-aware top-N firewall ruleset approximation algorithm

Ho Yu Lam, Donghan Wang, H. Jonathan Chao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Packet classification is widely used in various network security and operation applications. Two of the main challenges are the increasing number of classification rules, amount of traffic and network line speed. In this poster, we investigate an approximation algorithm for selecting the top-N most frequently matched subset of rules from the original ruleset. Through simulations, we show that our approaches the optimal while runs in seconds, allowing online adaptation to changing traffic patterns.

Original languageEnglish (US)
Title of host publicationANCS 2010 - Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
StatePublished - 2010
Event6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS 2010 - La Jolla, CA, United States
Duration: Oct 25 2010Oct 26 2010

Publication series

NameANCS 2010 - Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems

Other

Other6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS 2010
CountryUnited States
CityLa Jolla, CA
Period10/25/1010/26/10

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'A traffic-aware top-N firewall ruleset approximation algorithm'. Together they form a unique fingerprint.

Cite this