Bit vector algorithms enabling high-speed and memory-efficient firewall blacklisting
作者: Lane Thames , Randal Abler , David Keeling
关键词:
摘要: In a world of increasing Internet connectivity coupled with computer security risks, conscious network applications implementing blacklisting technology are becoming very prevalent because it provides the ability to prevent information exchange from known malicious sources. Current does so at application level. However, there numerous benefits for filters in firewall. These include reduced workload and bandwidth consumption. But, de facto algorithm firewalls is based on linear search first match principle, large blacklists not feasible implement due O(N) timing complexity methods. This paper addresses this issue by describing techniques that solve time without changing internal input-output behavior
acm.org
sci-hub.se 参考文章(7)
Nicholas W. Mckeown, Pankaj Gupta, Algorithms for routing lookups and packet classification ,(2000)
Johannes Ullrich, Phillip Porras, Jian Zhang, Highly predictive blacklisting usenix security symposium. pp. 107- 122 ,(2008)
Fabio Soldo, Karim El Defrawy, Athina Markopoulou, Balachander Krishnamurthy, Jacobus van der Merwe, Filtering sources of unwanted traffic information theory and applications. pp. 199- 208 ,(2008) , 10.1109/ITA.2008.4601049
T. V. Lakshman, D. Stiliadis, High-speed policy-based packet forwarding using efficient multi-dimensional range matching acm special interest group on data communication. ,vol. 28, pp. 203- 214 ,(1998) , 10.1145/285237.285283
M.G. Gouda, X.-Y.A. Liu, Firewall design: consistency, completeness, and compactness international conference on distributed computing systems. pp. 320- 327 ,(2004) , 10.1109/ICDCS.2004.1281597
E.S. Al-Shaer, H.H. Hamed, Discovery of policy anomalies in distributed firewalls international conference on computer communications. ,vol. 4, pp. 2605- 2616 ,(2004) , 10.1109/INFCOM.2004.1354680
Hyogon Kim, Inhye Kang, None, On the effectiveness of Martian address filtering and its extensions global communications conference. ,vol. 3, pp. 1348- 1352 ,(2003) , 10.1109/GLOCOM.2003.1258458