Improving Network Security - A Comparison between nDPI and L7-Filter

Authors

DOI:

https://doi.org/10.21108/IJOICT.2016.22.77

Abstract

The classification of data traffic in a firewall using parameters such as port number, IP address, and MAC address is not sufficient. For example, currently, many applications can be used without a port number meaning they can easily circumvent a firewall. Firewalls inspecting up to only layer four could allow malicious data to pass. Next-generation deep packet inspection (DPI) is a method that can be used for firewalls as a method of classification up to layer seven in data traffic control.

This research recommends the use of nDPI and L7-filter by network administrators on existing open source firewalls. Eleven internet applications were used to test and analyze nDPI and L7-filter which are capable of detecting traffic based on the data signature. nDPI and L7-filter were tested for accuracy and speed. We conclude that the development of next-generation deep packet inspection is important for the future of system and network security.

Downloads

Download data is not yet available.

Downloads

Additional Files

Published

2017-07-25

How to Cite

Satrya, G. B., Nugroho, F. E., & Brotoharsono, T. (2017). Improving Network Security - A Comparison between nDPI and L7-Filter. International Journal on Information and Communication Technology (IJoICT), 2(2), 11. https://doi.org/10.21108/IJOICT.2016.22.77

Issue

Vol. 2 No. 2 (2016): December 2016

Section

Security & Cryptography

License

Manuscript submitted to IJoICT has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals. Author(s) shall agree to assign all copyright of published article to IJoICT. Requests related to future re-use and re-publication of major or substantial parts of the article must be consulted with the editors of IJoICT.