(2007) A Heuristic Approach for Firewall Policy Optimization. In: IEEE International Conference on Advanced Communication Technology (ICACT’07).
|
PDF
a_heuristic_approach_for_firewall_policy_el_alfy_isip_000245348102064.pdf Download (28kB) | Preview |
Abstract
A primary goal of this paper is to develop a heuristic approach based on genetic algorithms to enhance the firewall performance. Typical firewall policies may have thousands of rules and determining an optimal rule order that minimizes the average number of rule comparisons while maintaining the policy integrity is proven to be NP-hard. This problem is formulated as a binary integer program for which an optimal solution is obtained using the branch-and-bound technique. Then an alternative solution approach is devised based on genetic algorithms. Several experiments are conducted to evaluate the effectiveness of the proposed approach as compared to other rule-ordering techniques. Empirical results show the potential and flexibility of the proposed approach.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Subjects: | Computer |
| Department: | College of Computing and Mathematics > Information and Computer Science |
| Depositing User: | Dr. EL-SAYED EL-ALFY |
| Date Deposited: | 25 Jun 2008 11:55 |
| Last Modified: | 31 Dec 2020 06:25 |
| URI: | http://eprints.kfupm.edu.sa/id/eprint/10698 |