{"title":"防火墙早期包拒绝技术综述","authors":"S. Zeidan, Z. Trabelsi","doi":"10.1109/INNOVATIONS.2011.5893818","DOIUrl":null,"url":null,"abstract":"Packet filtering plays a critical role in the performance of many network devices such as firewalls, routers and intrusion detection and prevention systems. Tremendous amount of research works on packet classification was proposed to optimize packet filtering. However, most works use deterministic techniques and do not take into consideration the traffic characteristics. Moreover, most packet classifiers give no specific consideration for optimizing early packet rejection (compared with packet acceptance), which is very important for improving firewall performance. In this paper, we are limited to survey firewall early packet rejection techniques. The strengths and limitations of the techniques are discussed. Also, some improvements have been proposed. This work can be the basis to enhance these techniques or for proposing new approaches that provide better firewall performance.","PeriodicalId":173102,"journal":{"name":"2011 International Conference on Innovations in Information Technology","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"A survey on firewall's early packet rejection techniques\",\"authors\":\"S. Zeidan, Z. Trabelsi\",\"doi\":\"10.1109/INNOVATIONS.2011.5893818\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Packet filtering plays a critical role in the performance of many network devices such as firewalls, routers and intrusion detection and prevention systems. Tremendous amount of research works on packet classification was proposed to optimize packet filtering. However, most works use deterministic techniques and do not take into consideration the traffic characteristics. Moreover, most packet classifiers give no specific consideration for optimizing early packet rejection (compared with packet acceptance), which is very important for improving firewall performance. In this paper, we are limited to survey firewall early packet rejection techniques. The strengths and limitations of the techniques are discussed. Also, some improvements have been proposed. This work can be the basis to enhance these techniques or for proposing new approaches that provide better firewall performance.\",\"PeriodicalId\":173102,\"journal\":{\"name\":\"2011 International Conference on Innovations in Information Technology\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-04-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 International Conference on Innovations in Information Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INNOVATIONS.2011.5893818\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 International Conference on Innovations in Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INNOVATIONS.2011.5893818","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A survey on firewall's early packet rejection techniques
Packet filtering plays a critical role in the performance of many network devices such as firewalls, routers and intrusion detection and prevention systems. Tremendous amount of research works on packet classification was proposed to optimize packet filtering. However, most works use deterministic techniques and do not take into consideration the traffic characteristics. Moreover, most packet classifiers give no specific consideration for optimizing early packet rejection (compared with packet acceptance), which is very important for improving firewall performance. In this paper, we are limited to survey firewall early packet rejection techniques. The strengths and limitations of the techniques are discussed. Also, some improvements have been proposed. This work can be the basis to enhance these techniques or for proposing new approaches that provide better firewall performance.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
