Firewall data packet matching algorithm based on rule tree retrieval

A matching algorithm and data packet technology, applied in the field of information security, that addresses problems such as unstable performance and achieves improved performance, easy dynamic modification of rules, and good time and space complexity.

Inactive Publication Date: 2019-04-16
G CLOUD TECH

AI Technical Summary

Problems solved by technology

The disadvantage of this type of algorithm is that it relies on statistics of historical match counts, on the characteristics of the data to be processed, and on the matching statistics, so its performance is unstable. The advantage is that the implementation is very simple.

Embodiment Construction

[0031] See Figure 3, a flowchart of the present invention covering rule tree construction and data packet processing. The method includes the following steps:

[0032] The first step: preprocessing rules.

[0033] Rule preprocessing processes the input firewall rules. The firewalls referred to here include network firewalls, database firewalls, web application firewalls, and other systems and devices that implement access control based on data classification and rule matching principles. The algorithm described in the present invention is applicable to all of them.

[0034] In this embodiment, the input firewall rules are preprocessed so that they can be used to construct the rule tree in the next stage.

[0035] The specific operations include formalizing and standardizing the rules. If a submitted rule is missing description fields, the rule is logically completed. The completed rules are then checked for logical relationships such as equality and inclusion, and simplified where such relationships exist. ...


Abstract

The invention relates to a firewall data packet matching algorithm based on rule tree retrieval. The method provided by the invention comprises three steps: preprocessing the rules, constructing a rule tree, and matching a data packet. Preprocessing the rules means formalizing and standardizing them to generate a rule set with a complete and uniform structure. Constructing the rule tree means processing all rules to generate a tree data structure that is organized, stores all rule information, and is easy to retrieve from quickly. Matching the data packet comprises: 1. parsing the data packet to be matched to obtain the data packet features; 2. performing retrieval matching on each feature of the data packet, one by one, against the constructed rule tree until a rule is finally matched, while recording a matching count and a backtracking count; and 3. executing the policy set by the matched rule, or executing a default policy if no rule is matched. The invention provides a firewall data packet matching algorithm that has excellent performance and controllable space complexity, and that readily supports adding and removing rules.
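The three steps in the abstract, as an added Python example that is not code from the patent or its owner. The field order, the `*` wildcard used to complete missing fields, the exact-before-wildcard descent and the choice to return the earliest rule in list order are all assumptions made for illustration, and the rule set is constructed sample data.

```python
FIELDS = ("src", "dst", "proto", "dport")  # assumed feature order, one tree level each
ANY = "*"                                  # assumed wildcard for missing rule fields
RULES = [  # constructed sample rules (not from the patent); list order is priority
    {"src": "10.0.0.5", "dst": "10.0.1.9", "proto": "tcp", "dport": 22, "action": "accept"},
    {"src": "10.0.0.5", "proto": "tcp", "dport": 443, "action": "accept"},
    {"src": "10.0.0.5", "proto": "tcp", "dport": 443, "action": "accept"},  # duplicate
    {"proto": "udp", "dport": 53, "action": "accept"},
    {"dst": "10.0.1.9", "action": "drop"},
]

def preprocess(rules):
    """Step 1: complete missing fields with ANY and drop logically equal rules."""
    seen, out = set(), []
    for rule in rules:
        key = tuple(str(rule.get(f, ANY)) for f in FIELDS)
        if key not in seen:  # a later rule with the same key can never fire
            seen.add(key)
            out.append((key, rule["action"]))
    return out

def build_tree(normalized):
    """Step 2: nested dicts keyed by field value; leaves hold (rule_index, action)."""
    root = {}
    for index, (key, action) in enumerate(normalized):
        node = root
        for value in key[:-1]:
            node = node.setdefault(value, {})
        node[key[-1]] = (index, action)
    return root

def match(tree, packet, default="drop"):
    """Step 3: return (action, comparisons, backtracks) for one parsed packet."""
    stats = {"comparisons": 0, "backtracks": 0}
    features = [str(packet[f]) for f in FIELDS]
    def walk(node, depth):
        best = None
        for candidate in (features[depth], ANY):  # exact value first, then wildcard
            stats["comparisons"] += 1
            child = node.get(candidate)
            if child is None:
                continue
            hit = child if depth == len(FIELDS) - 1 else walk(child, depth + 1)
            if hit is None:
                stats["backtracks"] += 1  # subtree below this branch was a dead end
            elif best is None or hit[0] < best[0]:
                best = hit  # keep the earliest rule in list order
        return best
    hit = walk(tree, 0)
    return (hit[1] if hit else default), stats["comparisons"], stats["backtracks"]
```

For a TCP/443 packet from 10.0.0.5 to 10.0.1.9, the exact `dst` branch only holds the port-22 rule, so the walk backtracks into the wildcard `dst` branch before it reaches the accept rule; the backtracking count makes that cost visible per packet.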

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a firewall data packet matching algorithm based on rule tree retrieval.

Background technique

[0002] In the information age, organizations and individuals generate a large amount of data and demands every moment, and transmit them interactively through the network. A lot of malicious information is hidden in this traffic. As an important means and facility for ensuring network security, the firewall plays an indispensable role. One of the core working principles of a firewall device is to check, match and process passing data packets according to preset or learned rules. Communication data matching performance is therefore key to firewall network throughput and response speed. High-performance packet matching strategies and algorithms are of great significance for optimizing the network performance of firewall devices.

[0003] Traditional firewall rule matching algo...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/02, H04L63/0263
Inventor: 韩飞, 季统凯
Owner: G CLOUD TECH