{"title":"基于服务分组的防火墙规则优化模型","authors":"Lin Zhang, Mengxing Huang","doi":"10.1109/WISA.2015.47","DOIUrl":null,"url":null,"abstract":"Aiming at networks with a large number of firewall rules, in order to reduce the number of rules and rule filtering times while firewall's performance does not change, a firewall policy rules merging model based on rule-service is presented. The model detects the rules in a fast way using an algorithm based on rule service first, and then it resolves the conflicts segment by using action constraint strategy. And then it runs the rule merging algorithm in a set of rules with no anomalies based on service. Finally, the experimental results show that merging efficiency is outperformed compared with other similar rule merging models. Compared to the traditional firewall, the optimized firewall model made less filtering hits while processing the same packets.","PeriodicalId":198938,"journal":{"name":"2015 12th Web Information System and Application Conference (WISA)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"A Firewall Rules Optimized Model Based on Service-Grouping\",\"authors\":\"Lin Zhang, Mengxing Huang\",\"doi\":\"10.1109/WISA.2015.47\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Aiming at networks with a large number of firewall rules, in order to reduce the number of rules and rule filtering times while firewall's performance does not change, a firewall policy rules merging model based on rule-service is presented. The model detects the rules in a fast way using an algorithm based on rule service first, and then it resolves the conflicts segment by using action constraint strategy. And then it runs the rule merging algorithm in a set of rules with no anomalies based on service. 
Finally, the experimental results show that merging efficiency is outperformed compared with other similar rule merging models. Compared to the traditional firewall, the optimized firewall model made less filtering hits while processing the same packets.\",\"PeriodicalId\":198938,\"journal\":{\"name\":\"2015 12th Web Information System and Application Conference (WISA)\",\"volume\":\"51 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 12th Web Information System and Application Conference (WISA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WISA.2015.47\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 12th Web Information System and Application Conference (WISA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WISA.2015.47","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Firewall Rules Optimized Model Based on Service-Grouping
For networks with a large number of firewall rules, a firewall policy rule merging model based on rule service is presented; it aims to reduce the number of rules and the number of rule filtering operations while the firewall's performance does not change. The model first detects the rules quickly using an algorithm based on rule service, and then resolves the conflict segments using an action constraint strategy. It then runs the service-based rule merging algorithm on the resulting anomaly-free set of rules. Finally, the experimental results show that its merging efficiency is better than that of other similar rule merging models. Compared to the traditional firewall, the optimized firewall model made fewer filtering hits while processing the same packets.