Improving Network Security - A Comparison between nDPI and L7-Filter

Gandeva Bayu Satrya; Faiizal Eko Nugroho; Tri Brotoharsono

doi:10.21108/IJOICT.2016.22.77

Skip to main content Skip to main navigation menu Skip to site footer

Improving Network Security - A Comparison between nDPI and L7-Filter

Gandeva Bayu Satrya Telkom University http://orcid.org/0000-0002-0243-9020
Faiizal Eko Nugroho Telkom University
Tri Brotoharsono Telkom University

https://doi.org/10.21108/IJOICT.2016.22.77

Abstract views: 1028 ,

PDF downloads: 1383

Figure 1 downloads: 0

Figure 2 downloads: 0

Figure 3 downloads: 0

Figure 4 downloads: 0

Review Form downloads: 0

Second Revision downloads: 0

3rd revision downloads: 0

Revision 4 downloads: 0

Revision 5 downloads: 0

Review Form downloads: 0

Abstract

The classification of data traffic in a firewall using parameters such as port number, IP address, and MAC address is not sufficient. For example, currently, many applications can be used without a port number meaning they can easily circumvent a firewall. Firewalls inspecting up to only layer four could allow malicious data to pass. Next-generation deep packet inspection (DPI) is a method that can be used for firewalls as a method of classification up to layer seven in data traffic control.

This research recommends the use of nDPI and L7-filter by network administrators on existing open source firewalls. Eleven internet applications were used to test and analyze nDPI and L7-filter which are capable of detecting traffic based on the data signature. nDPI and L7-filter were tested for accuracy and speed. We conclude that the development of next-generation deep packet inspection is important for the future of system and network security.

Downloads

Download data is not yet available.

Published

2017-07-25

How to Cite

Satrya, G. B., Nugroho, F. E., & Brotoharsono, T. (2017). Improving Network Security - A Comparison between nDPI and L7-Filter. International Journal on Information and Communication Technology (IJoICT), 2(2), 11. https://doi.org/10.21108/IJOICT.2016.22.77

Download Citation

Issue

Vol. 2 No. 2 (2016): December 2016

Section

Security & Cryptography

This work is licensed under a Creative Commons Attribution 4.0 International License.

Manuscript submitted to IJoICT has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals. Author(s) shall agree to assign all copyright of published article to IJoICT. Requests related to future re-use and re-publication of major or substantial parts of the article must be consulted with the editors of IJoICT.