A novel genetic algorithm approach for firewall policy optimization

Exceeding the performance limits of current application filtering systems, both in terms of speed and versatility in supporting sophisticated filtering policies, is a highly topical issue in cybersecurity environments. Systems built for specific uses are fast but have limited filtering functions, and, on the other side, systems that adopt efficient semantics fail to meet performance requirements in terms of speed. This work aims to propose a novel mechanism for solving the problem of the optimal ordering of filtering policies in a firewall, to reduce the number of times the generic rule is evaluated, and thus having better efficiency from the point of view of time processing, as well as the speed of the filtering action. The proposed approach uses a genetic algorithm and involves combining two heuristics for managing mutually dependent policies. The results are encouraging in terms of both performance and timing.