An Efficient Firewall Application Using Learned Cuckoo Filter

With the development of Software Defined Networking (SDN), the most investigated firewall type is software firewall, running as application on control plane. The main process in firewalls is matching network traffic with stored security policies, that is, packet classification. Although extensive research has been conducted in this area, existing packet classification algorithms still face problems of low classification performance and large storage space. To minimize the impact of the packet classification on the entire network, we propose an efficient firewall using Learned Cuckoo filter (LCF) based packet classification algorithm. This algorithm adopts a hierarchical search strategy. The single-field matching results is obtain first. Then the machine learning model is used as a pre-filter in front of the cuckoo filter, which effectively eliminates unnecessary rule search in the next stage and achieves a memory reduction, as well as an improvement on performance. We implemented a proposed firewall prototype. Extensive simulations verify the superiority of the introduced design in terms of false positive rate, memory consumption and memory access.