一种基于统计分析的自适应性动态过滤规则优化方法

A Self-adaptive of Dynamic Filtration Rules based on Statistical Analysis

防火墙过滤规则是否合理直接影响到防火墙系统的性能,但是如何检查过滤规则之间的先后顺序对防火墙安全性的影响是至关重要的,为此提出了具有自适应特性的基于统计分析的动态过滤规则优化的方法。该方法根据统计数据动态调整过滤规则的相对次序,使其和当前网络流量特性相一致,并且具有自适应性,提高了防火墙系统智能,而且还可以检查出系统的有效过滤规则,以及检查防火墙过滤规则是否存在安全漏洞。

The filtration rule affects directly the firewall system performance,but how to inspects the filtration rule＇s order for firewall secure influence is successively very important.this article proposed the research of a self-adaptive dynamic filtration rule based on statistical analysis with the secure inspection . This method is dynamically adjusted according to statistics,the relative order of filtering rules to network traffic characteristics and the current line,and has self-adaptability,enhances the firewall system performance,but also may inspect the system the invalid filtration rule,and inspect the firewall filtration rule＇ s leak.