Implementasi untuk Meningkatkan Keamanan Jaringan Menggunakan Deep Packet Inspection pada Software Defined Networks
DOI:
https://doi.org/10.21108/INDOJC.2019.4.1.286Abstract
Abstract
Today, Software Defined Network (SDN) has been globally recognized as a new technology for network architecture. But, there is still lack in security. Many studies use methods such as the Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) to deal with social problems. But there is still a lack of security in terms of network performance. To solve the problem, can be used Deep Packet Inspection method (DPII) which make administrators can directly know what happens to traffic in real time. In this research, DPI will be implemented as security method and tested with Denial of Service (DoS) attack with Direct Attack. The results of testing on SDN networks that have been added DPI can perform packet detection such as IDS and blocking such as IPS with good performance time in overcoming attack.
Keywords: SDN, DPI, DoS attack, Direct Attack, performance
Downloads
References
DDoS Detection in SDN. (2016, November 28). Available: https://github.com/MSJ94/DDoS_detection
Jakob S, D. S. (2016). A Review of Solutions for SDN-Exclusive Security Issues.
Li Yunchun, R. F. (2014). An Parallelized Deep Packet Inspection Design in Software Defined Network.
Open Networking Foundation. (2015). Principles and Practices for Securing Software-Defined Networks.
Paul Goransson, C. B. (2014). Software Defined Network: A Comprehensive Approach. Elsevier Inc (Morgan Kauffman is an imprint of Elsevier). Waltham: Morgan Kaufmann.
Paul Zanna, B. O. (2014). Adaptive Threat Management through the Integration of IDS into Software Defined Networks.
Pratama, R. F. (2017). Perancangan dan Implementasi Adaptive Intrusion Prevention System (IPS) untuk Pencegahan Penyerangan pada Arsitektur Software-Defined Network (SDN).
Radisys. (2010). DPI: Deep Packet Inspection Motivations, Technology, and Approaches for Improving Broadband Service Provider ROI.
Reham Taher El-Maghraby, N. M.-E. (2017). A survey on deep packet inspection. International Conference on Computer Engineering and Systems (ICCES) (pp. 188-197). Cairo: IEEE
Rodrigo Werlinger, K. H. (2017). The Challenge of Using an Intrusion Detection System: Is It Worth the Effort? University of British Columbia, 1-12.
Saad, H. (2016). Deep Packet Inspection using Snort. Victoria: University of Victoria.
Sakir Sezer, S. S.-H. (2013). Are We Ready for SDN? Implementation Challenge for Software-Defined Networks. IEEE Communications Magazine, 36-43.
Suresh Kumar, T. K. (2012). Open Flow Switch with Intrusion Detection System.
Tomasz Buljow, V. C.-E.-R. (2013). Comparison of Deep Packet Inspection (DPI) Tools for Traffic Classification. Barcelona: Universitat Politecnica de Catalunya.
Tianyi Xing, Z. X. (2014). SDNIPS: Enabling Software Defined Networking Based Intrusion Prevention System in Clouds.
Zhyuan.Hu, M. X. (2015). A Comprehensive Security Architecture for SDN.
Zuma Ibrahim, S. G. (2017). SDN-Based Intrusion Detection System.
Downloads
Published
How to Cite
Issue
Section
License
- Manuscript submitted to IndoJC has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals.Â
- Copyright on any article is retained by the author(s). Regarding copyright transfers please see below.
- Authors grant IndoJC a license to publish the article and identify itself as the original publisher.
- Authors grant IndoJC commercial rights to produce hardcopy volumes of the journal for sale to libraries and individuals.
- Authors grant any third party the right to use the article freely as long as its original authors and citation details are identified.
- The article and any associated published material is distributed under the Creative Commons Attribution 4.0License
