Packet demultiplexing and analysis is a core concern for network security, and has hence inspired numerous optimisation attempts since their conception in early packet demultiplexing filters such as CSPF and BPF. These optimisations have generally, but not exclusively, focused on improving the speed of packet classification. Despite these improvements however, packet filters require further optimisation in order to be effectively applied within next generation networks. One identified

more »

... on is that of reducing the average path length of the global filter by selecting an optimum filter permutation. Since redundant code generation does not change the order of computation, the initial filter order before filter optimisation affects the average path length of the resultant control-flow graph, thus selection of an optimum permutation of filters could provide significant performance improvements. Unfortunately, this problem is NP-Complete. In this paper, we consider using Genetic Algorithms to 'breed' an optimum filter permutation prior to redundant code elimination. Specifically, we aim to evaluate the effectiveness of such an optimisation in reducing filter control flow graphs.