B. Xu, G. Zhou, Y. Xue, and J. Li (PRC)
Packet filtering, traffic statistics, binary trees
Packet filtering plays an important role in network devices such as firewalls, routers, security gateways and intrusion detection systems. Numerous schemes have been proposed to improve packet filtering techniques. Many previous works struggled to utilize the characteristics of filtering rule-sets as optimization heuristics. However, there are rarely efforts excavating network traffic characteristics. This paper focuses on analyzing the statistical characteristics of network traffic and imposing it to optimize packet filtering algorithms. Contribution of the paper includes two aspects: first, the skewness and time correlation in real-life traffic is presented to illustrate network traffic statistics; second, an adaptive packet filtering algorithm, AHSM, is proposed based on HSM algorithm for improving average packet filtering speed. AHSM takes traffic statistics as heuristics and constructs statistical search trees for single field searching. Experimental results show that the optimized algorithm reduces 20%~50% of the single field matching overhead compared with the HSM algorithm and improves the overall performance by 35%~45%, while retaining the same memory usage.
Important Links:
Go Back
