Packet classification with hierarchical cross-producting

Chun Liang Lee, Chia Tai Chan, Pi Chung Wang*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review


Packet classification has become one of the most important application techniques in network security since the last decade. The technique involves a traffic descriptor or user-defined criteria to categorize packets to a specific forwarding class which will be accessible for future security handling. To achieve fast packet classification, we propose a new scheme, Hierarchical Cross-Producting. This approach simplifies the classification procedure and decreases the distinct combinations of fields by hierarchically decomposing the multi-dimensional space based on the concept of telescopic search. Analogous to the use of telescopes with different powers**, a multiple-step process is used to search for targets. In our scheme, the multi-dimensional space is endowed with a hierarchical property which self-divides into several smaller subspaces, whereas the procedure of packet classification is translated into recursive searching for matching subspaces. The required storage of our scheme could be significantly reduced since the distinct field specifications of subspaces is manageable. The performance are evaluated based on both real and syntheticfilter databases. The experimental results demonstrate the effectiveness and scalability of the proposed scheme.

Original languageEnglish
Pages (from-to)1117-1126
Number of pages10
JournalIEICE Transactions on Information and Systems
Issue number5
StatePublished - 2010


  • Firewalls
  • Network intrusion detection systems
  • Packet classification
  • Packet forwarding


Dive into the research topics of 'Packet classification with hierarchical cross-producting'. Together they form a unique fingerprint.

Cite this