Modelling and analysis of rule-based network security middleboxes

Khaled Salah, Aslam Chaudary

Research output: Contribution to journal › Article › peer-review

3 Scopus citations


This study presents an analytical model for rule-based network security middleboxes such as network firewalls, intrusion detection systems and email spam filters. In these systems, incoming packets carrying requests arrive at the middlebox and are queued for processing in multiple stages. The stages consist of a main stage for packet processing, followed by subsequent stages of rulebase interrogation in which rules or conditions are checked sequentially until a match is triggered. The service at these stages is characterised as mutually exclusive; that is, only one stage is active at any time. The authors derive useful formulas that can predict the middlebox performance, taking into account its incoming request rate, the queue size and the processing capacity of the middlebox, so that the capacity of the middlebox can be properly engineered.

Original language: British English
Pages (from-to): 305-312
Number of pages: 8
Journal: IET Information Security
Issue number: 6
State: Published - 1 Nov 2015

