TY - GEN
T1 - Development of University of Indonesia next generation firewall prototype and access control with deep packet inspection
AU - Nazief, Harish Muhammad
AU - Sabastian, Tonny Adhi
AU - Presekal, Alfan
AU - Guarddin, Gladhi
N1 - Publisher Copyright: © 2014 IEEE.
PY - 2014/3/23
Y1 - 2014/3/23
AB - Currently there are dozens of internet-based applications. These applications can be accessed by their users over the same application-layer protocols but with different payload patterns. For example, social network applications such as Facebook, Twitter and Google Plus can each be accessed using the HTTPS protocol, but with a different payload for each application. It is also possible to access a service on the internet by using a tunneled protocol; for example, the BitTorrent protocol can be tunneled on top of HTTP access. These kinds of access modes make standard firewalls obsolete for regulating our university's internet access control. In this research, we aim to prove whether application-layer access control can be developed using the deep packet inspection method. With the deep packet inspection method, it is possible to identify applications based on their application signature. If the application signature can be identified, we can construct more robust rules to regulate university internet access control. We are developing a prototype of application-layer access control using a number of free/open source software components. One of these components is the deep packet inspection library nDPI, which will be our main focus. This research will also explain how to assemble those software components in order to perform access control functions. We also test the nDPI payload detection mechanism, and the results are reported in this paper.
KW - access control
KW - application layer
KW - application signature pattern
KW - deep packet inspection
KW - free/open source software
KW - prototype
UR - http://www.scopus.com/inward/record.url?scp=84927739546&partnerID=8YFLogxK
U2 - 10.1109/ICACSIS.2014.7065869
DO - 10.1109/ICACSIS.2014.7065869
M3 - Conference contribution
AN - SCOPUS:84927739546
T3 - Proceedings - ICACSIS 2014: 2014 International Conference on Advanced Computer Science and Information Systems
SP - 47
EP - 52
BT - Proceedings - ICACSIS 2014
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2014 International Conference on Advanced Computer Science and Information Systems, ICACSIS 2014
Y2 - 18 October 2014 through 19 October 2014
ER -