Imitational modelling of packets filtering process by a firewall with ranking rules

Anatoliy Botvinko, Konstantin Samouylov
This article continues a series of works on evaluating the probabilistic and time characteristics of firewalls when ranking a set of filtering rules. The problem under consideration is the reduced efficiency of filtering information flows caused by: a) the use of a sequential scheme for verifying packet compliance with the rules; b) the heterogeneous character and variability of network traffic. Using the developed model, the main firewall performance indicators were evaluated for various traffic behavior scenarios. The proposed model makes it possible to evaluate the effectiveness of methods for ranking filtering rules in order to improve firewall performance.
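
The effect described in the abstract can be reproduced with a small simulation, added here as an illustration and not taken from the authors' model. The rule set, the two traffic mixes and all function names are constructed assumptions; the rules are disjoint, so reordering changes only the lookup cost, never the verdict.

```python
import random

# Constructed rule set: each rule matches exactly one destination port
# (disjoint rules, so reordering cannot change a verdict, only its cost).
RULES = [("deny", 23), ("allow", 22), ("allow", 25), ("allow", 443), ("allow", 53)]

def filter_packet(rules, port):
    """Sequential first-match scan; returns (verdict, number of rules checked)."""
    for checked, (action, rule_port) in enumerate(rules, start=1):
        if port == rule_port:
            return action, checked
    return "deny", len(rules)  # default deny after scanning the whole list

def expected_checks(rules, mix):
    """Exact mean number of rules checked per packet for mix {port: weight}."""
    total = sum(mix.values())
    return sum(w * filter_packet(rules, p)[1] for p, w in mix.items()) / total

def simulate(rules, mix, n, seed):
    """Monte Carlo estimate of the same mean over n randomly drawn packets."""
    rng = random.Random(seed)
    ports = rng.choices(list(mix), weights=list(mix.values()), k=n)
    return sum(filter_packet(rules, p)[1] for p in ports) / n

def rank_rules(rules, mix):
    """Rank rules by descending hit weight (stable sort keeps ties in place)."""
    return sorted(rules, key=lambda r: -mix.get(r[1], 0))

# Constructed traffic scenarios (weights in percent); port 8080 matches no rule.
WEB_HEAVY = {443: 70, 53: 20, 22: 5, 25: 3, 23: 1, 8080: 1}
MAIL_HEAVY = {25: 60, 22: 25, 443: 10, 53: 3, 23: 1, 8080: 1}

if __name__ == "__main__":
    ranked = rank_rules(RULES, WEB_HEAVY)
    for name, mix in (("web-heavy", WEB_HEAVY), ("mail-heavy", MAIL_HEAVY)):
        print(name,
              "original:", expected_checks(RULES, mix),
              "ranked for web:", expected_checks(ranked, mix),
              "simulated:", round(simulate(ranked, mix, 100_000, seed=1), 3))
    # After the traffic shifts, the stale ranking costs more than the original
    # order; re-ranking on the new mix recovers the gain.
    print("re-ranked for mail:",
          expected_checks(rank_rules(RULES, MAIL_HEAVY), MAIL_HEAVY))
```

In this constructed scenario, ranking on web-heavy traffic cuts the mean scan length, but the same ranking performs worse than the unranked list once traffic turns mail-heavy, which is why the ranking has to follow the traffic.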