Improving Network Security - A Comparison of Open Source DPI Software

Gandeva Bayu Satrya, Faiizal Eko Nugroho, Tri Brotoharsono

Abstract


The classification of data traffic in a firewall using parameters such as port number, IP address, and MAC address is not sufficient. For example, currently, many applications can be used without a port number meaning they can easily circumvent a firewall. Firewalls inspecting up to only layer four could allow malicious data to pass. Next-generation deep packet inspection (DPI) is a method that can be used for firewalls as a method of classification up to layer seven in data traffic control.

This research recommends the use of nDPI and L7-filter by network administrators on existing open source firewalls. Eleven internet applications were used to test and analyze nDPI and L7-filter which are capable of detecting traffic based on the data signature. nDPI and L7-filter were tested for accuracy and speed. We conclude that the development of next-generation deep packet inspection is important for the future of system and network security.


Full Text:

PDF


DOI: http://dx.doi.org/10.21108/IJOICT.2016.22.77

Refbacks

  • There are currently no refbacks.


Copyright (c) 2017 Gandeva Bayu Satrya, Faiizal Eko Nugroho, Tri Brotoharsono

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.