Dynamic Update of Firewall Policy Based on MFDT

Dynamic Update of Firewall Policy Based on MFDT

To improve the filtering speed of firewall, researchers have proposed many expression tools for firewall policy. However, these tools share a limitation: not compatible with dynamic updating of firewall policy. Therefore, this paper suggests marked firewall decision trees (MFDT) model. MFDT can hand...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Wenhui Chen, Weiping Wang, Zhepeng Li, Huaping Chen
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Binary decision diagrams
Boolean functions
Data structures
Decision trees
Filtering
Matched filters
Nonlinear filters
Packaging
Technology management
Testing
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:To improve the filtering speed of firewall, researchers have proposed many expression tools for firewall policy. However, these tools share a limitation: not compatible with dynamic updating of firewall policy. Therefore, this paper suggests marked firewall decision trees (MFDT) model. MFDT can handle not only the package filtering but also dynamically response to the updating of original policies. First of all, it is given the definition of MFDT. For three situation of policy change: adding, modifying and deleting of rules, corresponding updating algorithms of MFDT are given. In the end, MFDT's integrality and complexity are proved
DOI:10.1109/ICCIAS.2006.295436