Sciweavers

INFOCOM
2008
IEEE

Firewall Compressor: An Algorithm for Minimizing Firewall Policies

14 years 6 months ago
Firewall Compressor: An Algorithm for Minimizing Firewall Policies
—A firewall is a security guard placed between a private network and the outside Internet that monitors all incoming and outgoing packets. The function of a firewall is to examine every packet and decide whether to accept or discard it based upon the firewall’s policy. This policy is specified as a sequence of (possibly conflicting) rules. When a packet comes to a firewall, the firewall searches for the first rule that the packet matches, and executes the decision of that rule. With the explosive growth of Internet-based applications and malicious attacks, the number of rules in firewalls have been increasing rapidly, which consequently degrades network performance and throughput. In this paper, we propose Firewall Compressor, a framework that can significantly reduce the number of rules in a firewall while keeping the semantics of the firewall unchanged. We make three major contributions in this paper. First, we propose an optimal solution using dynamic programming tec...
Alex X. Liu, Eric Torng, Chad R. Meiners
Added 31 May 2010
Updated 31 May 2010
Type Conference
Year 2008
Where INFOCOM
Authors Alex X. Liu, Eric Torng, Chad R. Meiners
Comments (0)