% Firewall rule-set analysis reference. Per its abstract, the paper covers
% shadowed and redundant rules, policy changes caused by swapping rule order,
% and the cost of sequential matching in ordered rule lists, and it proposes
% a tree-structured rule design.
% NOTE(review): `address` holds a country rather than the publisher's city,
% and `series` carries no `volume`; confirm both against the publisher record.
@inproceedings{c94ddf6850cd414081e0ce23a148b339,
  author    = {Chomsiri, Thawatchai and He, Xiangjian and Nanda, Priyadarsi},
  title     = {Limitation of listed-rule firewall and the design of tree-rule firewall},
  booktitle = {Internet and Distributed Computing Systems - 5th International Conference, IDCS 2012, Proceedings},
  editor    = {Xiang, Yang and Pathan, Mukaddim and Tao, Xiaohui and Wang, Hua},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  publisher = {Springer Verlag},
  address   = {Germany},
  year      = {2012},
  pages     = {275--287},
  isbn      = {9783642348822},
  doi       = {10.1007/978-3-642-34883-9_22},
  language  = {English},
  keywords  = {Firewall, Network security, Rule conflict, Rule list, Tree rule},
  abstract  = {This research will illustrate that firewalls today (Listed-Rule Firewall) have five important limitations which may lead to security problem, speed problem, and {"}difficult to use{"} problem. These limitations consist of, firstly, limitation about {"}Shadowed rules{"} (the rule that cannot match with any packet because a packet will be matched with other rules above) which can lead to security and speed problem. Secondly, limitation about swapping position between rules can bring a change in firewall policy and cause security problem. The third limitation is about {"}Redundant rules{"} which can cause speed problem. Next, limitation of rule design; firewall administrators have to put {"}Bigger Rules{"} only at the bottom or lower positions that can result in a {"}difficult to use{"} problem. Lastly, limitation from sequential computation can lead to speed problem. Moreover, we also propose design of the new firewall named {"}Tree-Rule Firewall{"} which does not have above limitations.},
  note      = {Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 2012.; 5th International Conference on Internet and Distributed Computing Systems, IDCS 2012 ; Conference date: 21-11-2012 Through 23-11-2012},
}