Implementasi untuk Meningkatkan Keamanan Jaringan Menggunakan Deep Packet Inspection pada Software Defined Networks

Danaswara Prawira Harja, Andrian Rakhmatsyah, Muhammad Arief Nugroho

Abstract


Abstract

Today, Software Defined Network (SDN) has been globally recognized as a new technology for network architecture. But, there is still lack in security. Many studies use methods such as the Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) to deal with social problems. But there is still a lack of security in terms of network performance. To solve the problem, can be used Deep Packet Inspection method (DPII) which make administrators can directly know what happens to traffic in real time. In this research, DPI will be implemented as security method and tested with Denial of Service (DoS) attack with Direct Attack. The results of testing on SDN networks that have been added DPI can perform packet detection such as IDS and blocking such as IPS with good performance time in overcoming attack.

Keywords: SDN, DPI, DoS attack, Direct Attack, performance


Full Text:

PDF

References


DDoS Detection in SDN. (2016, November 28). Available: https://github.com/MSJ94/DDoS_detection

Jakob S, D. S. (2016). A Review of Solutions for SDN-Exclusive Security Issues.

Li Yunchun, R. F. (2014). An Parallelized Deep Packet Inspection Design in Software Defined Network.

Open Networking Foundation. (2015). Principles and Practices for Securing Software-Defined Networks.

Paul Goransson, C. B. (2014). Software Defined Network: A Comprehensive Approach. Elsevier Inc (Morgan Kauffman is an imprint of Elsevier). Waltham: Morgan Kaufmann.

Paul Zanna, B. O. (2014). Adaptive Threat Management through the Integration of IDS into Software Defined Networks.

Pratama, R. F. (2017). Perancangan dan Implementasi Adaptive Intrusion Prevention System (IPS) untuk Pencegahan Penyerangan pada Arsitektur Software-Defined Network (SDN).

Radisys. (2010). DPI: Deep Packet Inspection Motivations, Technology, and Approaches for Improving Broadband Service Provider ROI.

Reham Taher El-Maghraby, N. M.-E. (2017). A survey on deep packet inspection. International Conference on Computer Engineering and Systems (ICCES) (pp. 188-197). Cairo: IEEE

Rodrigo Werlinger, K. H. (2017). The Challenge of Using an Intrusion Detection System: Is It Worth the Effort? University of British Columbia, 1-12.

Saad, H. (2016). Deep Packet Inspection using Snort. Victoria: University of Victoria.

Sakir Sezer, S. S.-H. (2013). Are We Ready for SDN? Implementation Challenge for Software-Defined Networks. IEEE Communications Magazine, 36-43.

Suresh Kumar, T. K. (2012). Open Flow Switch with Intrusion Detection System.

Tomasz Buljow, V. C.-E.-R. (2013). Comparison of Deep Packet Inspection (DPI) Tools for Traffic Classification. Barcelona: Universitat Politecnica de Catalunya.

Tianyi Xing, Z. X. (2014). SDNIPS: Enabling Software Defined Networking Based Intrusion Prevention System in Clouds.

Zhyuan.Hu, M. X. (2015). A Comprehensive Security Architecture for SDN.

Zuma Ibrahim, S. G. (2017). SDN-Based Intrusion Detection System.




DOI: http://dx.doi.org/10.21108/INDOJC.2019.4.1.286

Refbacks

  • There are currently no refbacks.


Copyright (c) 2019 Danaswara Prawira Harja

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.