Thawatchai Chomsiri scite author profile

In this paper, we propose a novel connection tracking mechanism for Tree-rule firewall which essentially organizes firewall rules in a designated Tree structure. A new firewall model based on the proposed connection tracking mechanism is then developed and extended from the basic model of Netfilter's ConnTrack module, which has been used by many early generation commercial and open source firewalls including IPTABLES, the most popular firewall. To reduce the consumption of memory space and processing time, our proposed model uses one node per connection instead of using two nodes as appeared in Netfilter model. This can reduce memory space and processing time. In addition, we introduce an extended hash table with more hashing bits in our firewall model in order to accommodate more concurrent connections. Moreover, our model also applies sophisticated techniques (such as using static information nodes, and avoiding timer objects and memory management tasks) to improve its processing speed. Finally, we implement this model on Linux Cent OS 6.3 and evaluate its speed. The experimental results show that our model performs more efficiently in comparison with the Netfilter/IPTABLES.

show abstract

Architecture and Protocols for Secure LAN by Using a Software-Level Certificate and Cancellation of ARP Protocol

Pansa

Chomsiri

2008

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Thawatchai Chomsiri

Improving cloud network security using the Tree-Rule firewall

Limitation of Listed-Rule Firewall and the Design of Tree-Rule Firewall

Sniffing Packets on LAN without ARP Spoofing

A Stateful Mechanism for the Tree-Rule Firewall

Architecture and Protocols for Secure LAN by Using a Software-Level Certificate and Cancellation of ARP Protocol

Contact Info

Product

Resources

About