Stochastic Pre-Classification for Software Defined Firewalls Conference Paper

abstract

  • Firewalls are ubiquitous security functions and exist in almost all network-connected devices, whether protecting host stacks or providing transient packet filtering. Firewall performance, which is a key ingredient for network performance, can be greatly degraded by traffic crafted to exploit its filtering algorithms. These attacks can greatly reduce the Quality of Service (QoS) received by existing authorized flows in the firewall. This paper proposes a novel architecture that decouples this linkage between authorized flow QoS and adversarial traffic, marginalizing disruption caused by unauthorized flows, and ultimately improving overall performance of software defined firewalls. We show substantial improvements in throughput, packet loss, and latency over baseline software defined firewalls with varying ratios of attack traffic. All results are obtained using the cycle-accurate architecture simulator gem5, and Internet packet traces obtained from 10 Gbps interfaces of core Internet routers. © 2013 IEEE.

name of conference

  • 2013 22nd International Conference on Computer Communication and Networks (ICCCN)

published proceedings

  • 2013 22nd International Conference on Computer Communication and Networks (ICCCN)

author list (cited authors)

  • Ghoshal, P., Casey, C. J., Gratz, P. V., & Sprintson, A.

citation count

  • 3

complete list of authors

  • Ghoshal, Pritha; Casey, C Jasson; Gratz, Paul V; Sprintson, Alex

publication date

  • January 2013