一种基于冲突检测的无关联规则集匹配算法

防火墙已经成为网络安全体系中一个关键的角色,对防火墙的管理越来越受到重视。本文针对在防火墙管理中容易出现的过滤规则冲突问题和规则匹配效率问题,提出了一种基于冲突检测的无关联规则集匹配算法。本文通过对规则进行分析,确定了规则库中的规则应该符合的五个关系;通过对冲突规则的分类,得到了按照各种冲突的特性进行冲突检测产生的状态图,有助于对防火墙的现有规则库进行重写优化。本文在分析传统的线性顺序规则匹配算法和树形规则匹配算法的基础上,提出一种基于冲突检测的无关联规则集匹配算法,其平均比较次数为O(lg(n)),性能上大大优于现有的算法。

An Irrelative Rule Set Match Algorithm Based on Collision Detection

The fire wall has already become a key role in the network security architecture,and more and more attention has been paid to the management of firewalls. This paper aims at the problems of rule collision and rule match efficiency in the management of firewalls,and submits an irrelevant rule set match algorithm based on  collision detection. By analyzing  the filtering rules,the paper confirms 5 relations that the rules should be matched;by categorizing  the collision rules,the paper concludes the collision detection state diagram according to the collision's characteristics,which helps to optimize the firewall rule set. Based on the analysis of the traditional liner match algorithm and the tree match algorithm,the paper submits an irrelative rule set match algorithm based on collision detection.The efficiency of the algorithm is O(log(n)) on the average and the performance of the algorithm is better than the traditional ones.