Computer Engineering, 2008, Vol. 34, Issue (15): 129-131. doi: 10.3969/j.issn.1000-3428.2008.15.045

• Security Technology •

Optimization of Firewall Based on Statistic Analysis and Rule Anomaly Detection

YANG Yi, YANG Shu-tang, CHEN Jian-ning, LU Song-nian

  1. (School of Information Security Engineering, Shanghai Jiaotong University, Shanghai 200240)
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2008-08-05 Published: 2008-08-05

Abstract: This paper proposes a firewall optimization method based on statistical analysis and rule anomaly detection. Starting from the matching probability of the firewall rules and combining it with detection of anomalies (conflicts) between rules, the method simplifies the rule set and optimizes linear rule matching. Experiments show that, in ordinary circumstances, the method can simplify a firewall's existing rules and reduce the average number of rule comparisons by 40%, greatly improving performance.

Key words: firewall rule matching, statistical analysis, rule anomaly detection, average number of rule matches

CLC number: