Thawatchai Chomsiri
Hybrid Tree-rule Firewall for High Speed Data Transmission
Chomsiri, Thawatchai; He, Xiangjian; Nanda, Priyadarsi; Tan, Zhiyuan
Abstract
Traditional firewalls employ listed rules in both configuration and process phases to regulate network traffic. However, configuring a firewall with listed rules may create rule conflicts, and slows down the firewall. To overcome this problem, we have proposed a Tree-rule firewall in our previous study. Although the Tree-rule firewall guarantees no conflicts within its rule set and operates faster than traditional firewalls, keeping track of the state of network connections using hashing functions incurs extra computational overhead. In order to reduce this overhead, we propose a hybrid Tree-rule firewall in this paper. This hybrid scheme takes advantages of both Tree-rule firewalls and traditional listed-rule firewalls. The GUIs of our Tree-rule firewalls are utilized to provide a means for users to create conflict-free firewall rules, which are organized in a tree structure and called 'tree rules'. These tree rules are later converted into listed rules that share the merit of being conflict-free. Finally, in decision making, the listed rules are used to verify against packet header information. The rules which have matched with most packets are moved up to the top positions by the core firewall. The mechanism applied in this hybrid scheme can significantly improve the functional speed of a firewall.
Citation
Chomsiri, T., He, X., Nanda, P., & Tan, Z. (2016). Hybrid Tree-rule Firewall for High Speed Data Transmission. IEEE Transactions on Cloud Computing, 1-1. https://doi.org/10.1109/tcc.2016.2554548
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Apr 3, 2016 |
| Online Publication Date | Apr 14, 2016 |
| Publication Date | 2016 |
| Deposit Date | Nov 15, 2016 |
| Publicly Available Date | Nov 18, 2016 |
| Journal | IEEE Transactions on Cloud Computing |
| Print ISSN | 2168-7161 |
| Publisher | Institute of Electrical and Electronics Engineers |
| Peer Reviewed | Peer Reviewed |
| Pages | 1-1 |
| DOI | https://doi.org/10.1109/tcc.2016.2554548 |
| Keywords | Firewalls (computing), Cloud computing, IP networks, Field programmable gate arrays, Filtering, Ports (Computers) |
| Public URL | http://researchrepository.napier.ac.uk/Output/424671 |
| Contract Date | Nov 18, 2016 |
Files
Hybrid tree-rule firewall for high speed data transmission
(1.4 Mb)
PDF
Copyright Statement
(c) 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works."
You might also like
Machine Un-learning: An Overview of Techniques, Applications, and Future Directions
(2023)
Journal Article
A Digital Twin-Assisted Intelligent Partial Offloading Approach for Vehicular Edge Computing
(2023)
Journal Article
An omnidirectional approach to touch-based continuous authentication
(2023)
Journal Article
Special Issue on Adversarial AI to IoT Security and Privacy Protection: Attacks and Defenses
(2022)
Journal Article