IJERT-EMS
IJERT-EMS

Investigation and Analysis of Efficient Firewall Packet Filtering and Matching Algorithms


Investigation and Analysis of Efficient Firewall Packet Filtering and Matching Algorithms
Authors : Dr. Prof.P.K.Deshmukh, Dr. Prof. A.B.Bagwan, Ms.P.Kinage, Ms. S.A.Jadhav
Publication Date: 30-10-2012

Authors

Author(s):  Dr. Prof.P.K.Deshmukh, Dr. Prof. A.B.Bagwan, Ms.P.Kinage, Ms. S.A.Jadhav

Published in:   International Journal of Engineering Research & Technology

License:  This work is licensed under a Creative Commons Attribution 4.0 International License.

Website: www.ijert.org

Volume/Issue:   Vol.1 - Issue 8 (October - 2012)

e-ISSN:   2278-0181

Abstract

For the network devices like firewall or IPSec, packet filtering is plays very critical role in high speed networks. Thus it is important that firewall policies should be optimized in order to provide the efficient security for high speed networks. There are many techniques presented by researchers for exploiting the characteristics of the filtering policies, however they do not consider the traffic behavior in optimizing their search data structures. In this paper we are discussing the recent new optimized packet filter and packet matching techniques for both stateless and statfull firewall. Algorithm first is presented with an objective of reduction in packet matching cost in all cases where as algorithm second is presented with an objective of less cost and less packet matching time. We are discussing the algorithm first which is basically presented in order to produce efficient performance in terms of lower cost of packet matching of the firewall. The performance of the algorithm is related to complexity of the firewall rule set and is compared to an alternative algorithm demonstrating that the algorithm here has improved the packet matching cost in all cases. Thus in short we present an algorithm which orders the rules in a firewall rule set to best suit the trends in the network traffic (as given by a recent network trace file) and therefore reduce the potential number of packet-rule matches. Whereas in second investigated algorithm we consider a classical algorithm that we adapted to the firewall domain. We call the resulting algorithm °»Geometric Efficient Matching°… (GEM). The GEM algorithm enjoys a logarithmic matching time performance.

Citations

Number of Citations for this article:  Data not Available

Keywords

Key Word(s):    

Downloads

Number of Downloads:     1563
Similar-Paper

7   Paper(s) Found related to your topic:    

High Impact & Top Rated International Journal

        Call for Papers - April - 2017   

        

 

                 Call for Thesis - 2017 

     Publish your Ph.D/Master's Thesis Online

              Publish Ph.D Master Thesis Online as Book