Development of University of Indonesia next generation firewall prototype and access control with deep packet inspection

Harish Muhammad Nazief, Tonny Adhi Sabastian, Alfan Presekal, Gladhi Guarddin

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Citations (Scopus)

Abstract

Currently there are dozens of internet based applications. Each of these applications can be accessed by their user on the same application layer protocols but different pattern of payloads. For example social network applications like Facebook, Twitter and Google Plus. Each of them can be accessed using HTTPS protocol, but with different payload for each applications. It also possible to access a service in internet by using tunneled protocol, for example Bit Torrent protocol can be tunneled on top HTTP access. These kind of access modes make standard firewalls obsolete to regulate our university internet access control. In this research, we are aiming to prove whether an application layer access control can be developed using Deep Packet Inspection Method. With the deep packet inspection method, it is possible to identify applications based on their application signature. If the application signature can be identified, we can construct more robust rules to regulate university internet access control. We are developing a prototype of application layer access control using several number of free/open source software components. One of these components is Deep Packet Inspection Library-nDPI-which will become our main focus. This research also will explain the way to assemble those software components in order to perform access control functions. We are also performing a test against nDPI payload detection mechanism and the results are reported in this paper.

Original languageEnglish
Title of host publicationProceedings - ICACSIS 2014
Subtitle of host publication2014 International Conference on Advanced Computer Science and Information Systems
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages47-52
Number of pages6
ISBN (Electronic)9781479980758
DOIs
Publication statusPublished - 23 Mar 2014
Event2014 International Conference on Advanced Computer Science and Information Systems, ICACSIS 2014 - Jakarta, Indonesia
Duration: 18 Oct 201419 Oct 2014

Publication series

NameProceedings - ICACSIS 2014: 2014 International Conference on Advanced Computer Science and Information Systems

Conference

Conference2014 International Conference on Advanced Computer Science and Information Systems, ICACSIS 2014
Country/TerritoryIndonesia
CityJakarta
Period18/10/1419/10/14

Keywords

  • access control
  • application layer
  • application signature pattern
  • deep packet inspection
  • free/open source software
  • prototype

Fingerprint

Dive into the research topics of 'Development of University of Indonesia next generation firewall prototype and access control with deep packet inspection'. Together they form a unique fingerprint.

Cite this