Packet Filtering Using a Decision Tree Classifier

Li, Chunyan; Lin, Wei; Yang, Yongtian

doi:10.1007/978-3-540-45080-1_109

Chunyan Li⁷,
Wei Lin⁷ &
Yongtian Yang⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2690))

Included in the following conference series:

International Conference on Intelligent Data Engineering and Automated Learning

1291 Accesses

Abstract

Packet filtering is an important technology in firewalls and other relevant security devices. Traditional packet filtering just compares some fields of an input packet header with a given rlue-list in linear order and finds out the first matched rule, then follows the matched rule’s policy to allow or block the packet. In this way, efficiency is low and rules in the rule-list are independent, so that information among them can not be used effectively. In this paper, a new idea using a decision tree classifier is proposed. It first builds a decision tree according to the rule-list and then searches the tree to find out the matched rule for an input packet. It can be illustrated that packet filtering using a decision tree classifier is more quickly and can study inductively from the rules, so it will make the packet filter firewall has some prediction ability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Ziegler, R.L.: Linux firewalls, 2nd edn. New Riders Publishing, Indianapolis. USA (2001)
Google Scholar
Quinlan, J.R.: Induction of decision trees. Machine Learning (1986)
Google Scholar
Xi-zhao, W., Jia-rong, H.: Learning algorithm of decision tree generation for interval-valued attributes. Chinese Journal ofSoftware 9(8), 638–640 (1998)
Google Scholar
Enhong, C., Qingyi, W., Qingsheng, C.: Test generation and discrimination of continuously-valued attributes in decision tree based learning. Chinese Computer Research and Development 35(5), 403–407 (1998)
Google Scholar

Download references

Author information

Authors and Affiliations

College of computer science and technology, Harbin Engineering University, Harbin, Hei Long Jiang, 150001, China
Chunyan Li, Wei Lin & Yongtian Yang

Authors

Chunyan Li
View author publications
You can also search for this author in PubMed Google Scholar
Wei Lin
View author publications
You can also search for this author in PubMed Google Scholar
Yongtian Yang
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Science, Hong Kong Baptist University, Kowloon Tong, Hong Kong
Jiming Liu
Department of Computer Science, Hong Kong Baptist University, Hong Kong
Yiu-ming Cheung
School of Electrical and Electronic Engineering, University of Manchester, UK
Hujun Yin

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Li, C., Lin, W., Yang, Y. (2003). Packet Filtering Using a Decision Tree Classifier. In: Liu, J., Cheung, Ym., Yin, H. (eds) Intelligent Data Engineering and Automated Learning. IDEAL 2003. Lecture Notes in Computer Science, vol 2690. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45080-1_109

Download citation

DOI: https://doi.org/10.1007/978-3-540-45080-1_109
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40550-4
Online ISBN: 978-3-540-45080-1
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics