Comparison Of Algorithms For Detecting Firewall Policy Anomalies
The firewall is becoming a very popular element in network security. It is widely adopted to ensure the security of
private networks by filtering out unwanted traffic. Firewall rules must be defined and ordered carefully to avoid firewall
policy anomalies that may cause network failure. Packet classification is the process of categorizing packets into "flows" in
an Internet router. All packets belonging to the same flow obey a predefined rule and are processed by the router. A set of
packet classification algorithms is proposed to automatically identify policy anomalies in packet filtering firewalls. Two fast
packet classification algorithms, HSM (Hierarchical Space Mapping) and RFC (Recursive Flow Classification), are
implemented and analyzed on the basis of different parameters such as memory used, preprocessing time and lookup time.
The work further implements space-efficient policy anomaly detection using the HSM algorithm for packet filtering firewalls.
Keywords: Network security, Firewall, Packet classification, Anomalies.
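The abstract's point that rule order matters can be seen with a small checker, added here as an example and not taken from the paper: it flags rules in a first-match policy that can never fire because an earlier rule matches every packet they match. It uses a plain pairwise comparison, not HSM or RFC; the `Rule` fields, the labels "shadowed" and "redundant", and the sample policy are assumptions constructed for illustration.

```python
from ipaddress import ip_network
from typing import NamedTuple

class Rule(NamedTuple):
    action: str    # "accept" or "deny"
    proto: str     # "tcp", "udp" or "any"
    src: str       # source CIDR
    dst: str       # destination CIDR
    dports: tuple  # inclusive destination port range (low, high)

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matched by b is also matched by a."""
    return (
        a.proto in ("any", b.proto)
        and ip_network(b.src).subnet_of(ip_network(a.src))
        and ip_network(b.dst).subnet_of(ip_network(a.dst))
        and a.dports[0] <= b.dports[0] and b.dports[1] <= a.dports[1]
    )

def find_anomalies(policy):
    """Return (kind, earlier_index, later_index) tuples for a first-match policy.

    "shadowed": an earlier rule with a different action covers the later rule.
    "redundant": an earlier rule with the same action covers the later rule.
    Pairwise only: a rule covered by the union of several earlier rules is missed.
    """
    found = []
    for j, later in enumerate(policy):
        for i in range(j):
            earlier = policy[i]
            if covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "shadowed"
                found.append((kind, i, j))
                break  # the first covering rule already decides the outcome
    return found

# Constructed sample policy (not from the paper), evaluated top to bottom.
POLICY = [
    Rule("deny",   "tcp", "10.0.0.0/8",    "192.168.1.0/24",  (0, 65535)),
    Rule("accept", "tcp", "10.1.2.0/24",   "192.168.1.10/32", (80, 80)),
    Rule("accept", "tcp", "172.16.0.0/12", "192.168.1.0/24",  (443, 443)),
    Rule("accept", "tcp", "172.16.5.0/24", "192.168.1.10/32", (443, 443)),
    Rule("deny",   "any", "0.0.0.0/0",     "0.0.0.0/0",       (0, 65535)),
]

if __name__ == "__main__":
    for kind, i, j in find_anomalies(POLICY):
        print(f"rule {j} is {kind} by rule {i}")
```

Swapping the first two rules of the sample policy removes the shadowing, since the narrower accept is then evaluated before the broader deny.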