P. J. Lee, H. Guo and B. Veeravalli, "Enhancing CII firewall performance through hash based rule lookup," TENCON 2017 - 2017 IEEE Region 10 Conference, Penang, Malaysia, 2017, pp. 2285-2290. doi: 10.1109/TENCON.2017.8228242
It is important to develop defense mechanisms to bolster the cyber-physical security of critical infocomm infrastructure (CII) systems. A basic method of defense for CII systems is a firewall. Since SCADA / ICS systems may be negatively impacted by latencies and delays introduced by firewalls, which will translate to real world impacts, any implemented firewall in the network should attempt to minimize the latency it introduces. The latency in typical firewalls stems from packet classification, i.e. matching network traffic to firewall rules. It is this lookup time that we aim to improve through the development of a hash-based packet classification algorithm.
National Research Foundation (NRF), Prime Minister’s Office, Singapore