Firewall Rule Generation Using Decision Tree Diagram

Authors

Dr. P. Senthilkumar, Professor,
Department of CSE, Shadan Women’s College of Engineering and Technology, JNTUH, Hyderabad, India.

Asha. V, Faculty,
The Indian Public School, Erode, Tamilnadu, India.

M. Muthukumar, Assistant Professor,
CSE, SRM Institute of Science and Technology, Delhi-NCR campus, Modi Nagar, UP, India.

Abstract

A firewall is a security measure that is put in place between two or more networks. The ordering of the filtering rules affects the firewall’s functionality, so the correct rule order must be determined after taking into account all rule relations. Every private network on the Internet has a firewall installed at its entry. A firewall’s job is to inspect each packet that enters the system and determine whether to accept it and let it continue, or to reject and discard it. There are three main issues with the existing method of explicitly constructing a firewall as a linear list of rules. 1. When a user specifies a rule in a firewall, the firewall machine checks whether a packet matches it or not. 2. If the rules are met, the packet is accepted and may enter the website; otherwise, the packet is dropped. 3. Mathematics is used to identify the unnecessary rules. Creating a firewall decision tree diagram (FDTD) is the first step in our procedure, and a theorem can be used to verify its consistency and completeness. The current study takes into account a scenario in which packet traffic results in a dynamic access rule set, which increases the computational cost of binary conversion during comparison. Therefore, integrating traffic awareness to create dynamic access rules and converting the access rule list to binary format will improve firewall optimization. Results from 1 million packets show that using a BDD-based strategy instead of a list-based method with promotion results in an average reduction of 70% in such comparisons for most-accept packets. This reduction is about 32% for packets that receive the most rejections.
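The following added example (not the authors' code or algorithm) turns a first-match rule list into a decision tree with disjoint interval edges, checks completeness, and finds rules whose removal leaves every decision unchanged. The two fields, the sample rules and all function names are constructed for illustration; it assumes "consistent" means each packet follows exactly one path and "complete" means every path ends in a decision.

```python
# Added example; rules, fields and helper names are constructed, not from the paper.
DOMAINS = {"src": (0, 15), "port": (0, 1023)}   # small integer fields for illustration
FIELDS = list(DOMAINS)
RULES = [  # first match wins
    {"src": (0, 7),  "port": (80, 80),   "action": "accept"},
    {"src": (0, 3),  "port": (80, 80),   "action": "accept"},  # shadowed by rule 0
    {"src": (0, 15), "port": (22, 22),   "action": "drop"},    # same as default
    {"src": (8, 15), "port": (443, 443), "action": "accept"},
    {"src": (0, 15), "port": (0, 1023),  "action": "drop"},    # default rule
]

def cuts(rules, field):
    """Split a field's domain into disjoint intervals at every rule boundary."""
    lo, hi = DOMAINS[field]
    points = {lo, hi + 1}
    for r in rules:
        points.update((r[field][0], r[field][1] + 1))
    pts = sorted(p for p in points if lo <= p <= hi + 1)
    return [(a, b - 1) for a, b in zip(pts, pts[1:])]

def decide(rules, cell):
    """First-match decision for one cell (an interval per field); None if unmatched."""
    for r in rules:
        if all(r[f][0] <= iv[0] and iv[1] <= r[f][1] for f, iv in zip(FIELDS, cell)):
            return r["action"]
    return None

def build_tree(rules, basis, prefix=()):
    """One level per field; edges are the disjoint intervals cut from `basis`."""
    if len(prefix) == len(FIELDS):
        return decide(rules, prefix)
    field = FIELDS[len(prefix)]
    return {iv: build_tree(rules, basis, prefix + (iv,)) for iv in cuts(basis, field)}

def leaves(tree):
    if not isinstance(tree, dict):
        return [tree]
    return [leaf for sub in tree.values() for leaf in leaves(sub)]

def is_complete(rules):
    """Complete when every path through the tree ends in a decision."""
    return None not in leaves(build_tree(rules, rules))

def redundant_rules(rules):
    """Indexes of rules whose individual removal leaves the tree unchanged."""
    full = build_tree(rules, rules)
    return [i for i in range(len(rules))
            if build_tree(rules[:i] + rules[i + 1:], rules) == full]

if __name__ == "__main__":
    print("complete:", is_complete(RULES), "redundant:", redundant_rules(RULES))
```

Each index is reported as redundant on its own; after removing one rule, rerun the check before removing another, since two rules can each be redundant only while the other is present.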