Dynamic traffic awareness statistical model for firewall performance enhancement

Zouheir Trabelsi, Liren Zhang, Safaa Zeidan, Kilani Ghoudi

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)

Abstract

Firewall is considered to be one of the most important security components in today's IP network architectures. Firewall performance has a significant impact on the overall network performance. In this paper, we propose a mechanism to improve firewall performance, using network traffic behavior and packet filtering statistics. Upon certain threshold qualification (Chi-square test), the proposed mechanism allows optimizing the filtering rules order and their corresponding fields order according to the divergence of the traffic behavior. That is, if the firewall system is stable, then the same current filtering rules and/or rule-fields orders are used for filtering the next network traffic window. Otherwise, an update of the filtering rules and/or rule-fields orders is required for filtering the next network traffic window. The numerical results obtained by simulation demonstrate that the proposed mechanism allow to improve significantly the firewall performance in terms of cumulative packet processing time even for small security policies. This improvement is a result of the minimization of the overhead corresponding to the frequency of updating the rule/field structures, as well as of using the optimum traffic window size.

Original languageEnglish
Pages (from-to)160-172
Number of pages13
JournalComputers and Security
Volume39
Issue numberPART B
DOIs
Publication statusPublished - 2013

Keywords

  • Chi-square test
  • Filtering rule order
  • Firewall performance
  • Packet filtering
  • Rule-fields order
  • System stability
  • Window size

ASJC Scopus subject areas

  • Computer Science(all)
  • Law

Fingerprint

Dive into the research topics of 'Dynamic traffic awareness statistical model for firewall performance enhancement'. Together they form a unique fingerprint.

Cite this