A Study Of Enterprise Software Support On nDPI

Radityatama, Gregorius Aldo and Lim, Charles and Ipung, Heru Purnomo (2017) A Study Of Enterprise Software Support On nDPI. Bachelor thesis, Swiss German University.

[img]
Preview
Text
Gregorius Radityatama 11302005 TOC.pdf

Download (270kB) | Preview
[img] Text
Gregorius Radityatama 11302005 1.pdf
Restricted to Registered users only

Download (245kB)
[img] Text
Gregorius Radityatama 11302005 2.pdf
Restricted to Registered users only

Download (325kB)
[img] Text
Gregorius Radityatama 11302005 3.pdf
Restricted to Registered users only

Download (259kB)
[img] Text
Gregorius Radityatama 11302005 4.pdf
Restricted to Registered users only

Download (420kB)
[img] Text
Gregorius Radityatama 11302005 5.pdf
Restricted to Registered users only

Download (172kB)
[img]
Preview
Text
Gregorius Radityatama 11302005 Ref.pdf

Download (220kB) | Preview

Abstract

Next Generation Firewall (NGFW) adds new capabilities of a standard �re-wall with an ability to inspect packets' contents, thus increasing precision. Three main usages of NGFW are to improve the Quality of Service (QoS) of a business, as an application-based �ltering �rewall, and to protect the network from known malware. A complete NGFW system has three main components: Deep Packet Inspection (DPI), Intrusion Prevention System (IPS), and an extra-�rewall intelligence mechanism. Out of these three components, an essential part is the Packet Inspection engine. One example of open-source DPI implementations is called nDPI. The purpose of this thesis is to design and implement protocols needed by nDPI so that it has better enterprise-grade software support. To achieve this, this thesis analyzes 5 (�ve) various applications and their unique identi�ers in each of the packets. Then, an additional set of rules will be added to the existing one. To test and validate, there will be a measurement of precision and performance of nDPI compared to the original, and to the commercial implementation of NGFW As the result, it is proven that nDPI can be improved with new protocols at more than 90% of accuracy, with CPU execution time increase of less than 3,5% and less than 1% of peak heap memory increase.

Item Type: Thesis (Bachelor)
Uncontrolled Keywords: Next Generation Firewall; Deep Packet Inspection; Protocol Identification; nDPI
Subjects: Q Science > QA Mathematics > QA76 Computer software
Divisions: Faculty of Engineering and Information Technology > Department of Information Technology
Depositing User: Astuti Kusumaningrum
Date Deposited: 10 May 2020 09:14
Last Modified: 10 May 2020 09:14
URI: http://repository.sgu.ac.id/id/eprint/261

Actions (login required)

View Item View Item