Early packet rejection based on combining multiple fields using XOR operator with balanced tree


Vu Duy Nhat, Nguyen Manh Hung


Vol. 15  No. 10  pp. 22-29


A firewall's main task is to protect the internal network against attacks from outside, and it must also protect itself against attacks aimed directly at it, one of which is a DoS attack against the firewall's default rule. Several techniques have been proposed to resist this type of attack; they aim to reject a packet that would be rejected by the default rule as early as possible, reducing the resources and time spent rejecting it. Early packet rejection works by constructing an early packet filter, based on the original packet filter or on properties of the data flows through the firewall, and rejecting packets with this early filter. In early packet rejection, an incoming packet is examined on all the fields in the packet header, and the checking time is proportional to the number of fields checked. This paper proposes using the XOR operator to combine two or more fields, together with balanced-tree construction, in order to reduce the average processing time per incoming packet in early packet rejection. The effectiveness of the proposed technique is demonstrated experimentally by comparison with other techniques.


firewall, packet classification, early packet rejection, security policies in firewall