OPTWALL: A Hierarchical Traffic-Aware Firewall. Mehmud Abliz, Subrata Acharya, Bryan Mills, Taieb Znati University of Pittsburgh, PA. Albert Greenberg, Microsoft Research, WA Jia Wang, Zihui Ge, AT&T Research, NJ. Introduction
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Mehmud Abliz, Subrata Acharya, Bryan Mills, Taieb ZnatiUniversity of Pittsburgh, PA
Albert Greenberg, Microsoft Research, WA
Jia Wang, Zihui Ge, AT&T Research, NJ
Main approach for improving firewalls – rule optimization. Yet optimizing firewalls is hard, because
Splits rule set hierarchically into multiple rule sets to reduce the average time for matching a packet to a rule.
Provides an adaptation scheme which can dynamically change priority of a rule based on the traffic.
How does a typical firewall works
A typical present day firewall enforces its security policies via a set of multi-dimensional packet filters (usually a list of rules). Traffic gets filtered by this list following the “first hit” principle.
This work has been accepted to NDSS 2007. Poster designed by Mehmud Abliz.