Comparison Of Algorithms For Detecting Firewall Policy Anomalies

The firewall has become a very popular element in network security. It is widely adopted to ensure the security of private networks by filtering out unwanted traffic. Firewall rules must be defined and ordered carefully to avoid firewall policy anomalies that may cause network failure. Packet classification is the process of categorizing packets into "flows" in an Internet router. All packets belonging to the same flow obey a predefined rule and are processed by the router accordingly. A set of packet classification algorithms is proposed to automatically identify policy anomalies in packet filtering firewalls. Two fast packet classification algorithms, HSM (Hierarchical Space Mapping) and RFC (Recursive Flow Classification), are implemented and analyzed on the basis of different parameters such as memory used, preprocessing time and lookup time. Further, space-efficient policy anomaly detection for packet filtering firewalls is implemented using the HSM algorithm.

Keywords: Network security, Firewall, Packet classification, Anomalies.
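The dependence on rule order noted in the abstract can be made concrete with a pairwise check over a first-match policy; this is an added example, not code from the paper, and it does not implement HSM or RFC. The `Rule` fields, the sample policy and the anomaly names "shadowed" and "redundant" (terms common in the firewall-anomaly literature, not taken from this page) are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str     # "tcp", "udp" or "any"
    src: str       # source CIDR
    dst: str       # destination CIDR
    dports: tuple  # inclusive (low, high) destination port range
    action: str    # "accept" or "deny"

def covers(a, b):
    """True if every packet matched by rule b is also matched by rule a."""
    return (a.proto in ("any", b.proto)
            and ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.dports[0] <= b.dports[0] and b.dports[1] <= a.dports[1])

def find_anomalies(policy):
    """Under first-match semantics, report each rule that can never fire
    because an earlier rule covers it: 'shadowed' if the actions differ,
    'redundant' if they agree. Only the first covering rule is reported."""
    found = []
    for i, later in enumerate(policy):
        for earlier in policy[:i]:
            if covers(earlier, later):
                kind = "shadowed" if earlier.action != later.action else "redundant"
                found.append((kind, earlier.name, later.name))
                break
    return found

# Constructed sample policy (hypothetical addresses), evaluated top to bottom.
POLICY = [
    Rule("r1", "tcp", "10.0.0.0/8", "192.168.1.0/24", (0, 65535), "deny"),
    Rule("r2", "tcp", "10.1.0.0/16", "192.168.1.10/32", (443, 443), "accept"),
    Rule("r3", "udp", "0.0.0.0/0", "192.168.1.53/32", (53, 53), "accept"),
    Rule("r4", "udp", "172.16.0.0/12", "192.168.1.53/32", (53, 53), "accept"),
    Rule("r5", "any", "0.0.0.0/0", "0.0.0.0/0", (0, 65535), "deny"),
]

if __name__ == "__main__":
    for kind, earlier, later in find_anomalies(POLICY):
        print(f"{later} is {kind} by {earlier}")
```

Swapping r1 and r2 removes the shadowing, since the narrower accept rule is then evaluated before the broader deny rule.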