Self-learning method for industrial firewall rules based on hash algorithm

In self-learning method for industrial firewall rules, there are scholars from different levels to carry out related research. Zhao & Zou (2009) for the factors that affect firewall performance and adaptive capacity. The paper introduces new filter rules reference model and more general adaptive algorithm, by using a timebased global information collection and statistical weight calculation, considering the recent network traffic and historical accumulation of data, to achieve a dynamic generation of personal firewall filtering rules. However, the model is based on expert experience to pre-set weight factor, but with different personal experiences the weighting factors are quite different, and it is difficult to set. Ren et al. (2006) the frequency of the use of filter rules within a certain time for statistical analysis, and dynamically adjust the relative order of the rules in the rule list according to the analysis results. So the most frequently used rules at the top of the rule list, which can reduce the packet rules match time, improve the performance of the firewall. However, the statistical time parameter T is determined and over simplified, it is difficult to deal with complex environmental requirements of industrial systems. Yun et al. (2013) analyzing DNP3 protocol