مرکز منطقه ای اطلاع رساني علوم و فناوري - A stateful inspection module architecture

DocumentCode :

1738866

Title :

A stateful inspection module architecture

Author :

Noureldien, Noureldien A. ; Osman, Izzeldin M.

Author_Institution :

Sudan Univ. of Sci. & Technol., Khartoum, Sudan

Volume :

fYear :

2000

fDate :

2000

Firstpage :

259

Abstract :

Packet filtering firewalls have evolved over the 1990s through a series of generations. Stateful inspection represents the climax of this evolution. This paper describes the security vulnerabilities and performance degradation inherent in the inspection module architecture of one of the leading firewalls in the market; Firewall-1 developed by Check Point. The paper proposes an architecture for a stateful inspection module that overcomes the security and performance problems. The proposed architecture protects against SYN flooding and firewall saturation denial of service attacks and preserves at the same time a high throughput

Keywords :

Internet; authorisation; inspection; telecommunication security; Check Point Firewall-1; DoS attack; SYN flooding; firewall saturation denial of service attacks; packet filtering firewalls; performance degradation; security vulnerabilities; stateful inspection module architecture; throughput; Computer crime; Degradation; Electronic mail; Filtering; Floods; Inspection; Matched filters; Protection; Protocols; Security;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

TENCON 2000. Proceedings

Conference_Location :

Kuala Lumpur

Print_ISBN :

0-7803-6355-8

Type :

conf

DOI :

10.1109/TENCON.2000.888744

Filename :

888744

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1738866