Title :
Proposal of an Adaptive Firewall System in Collaboration with Extended DNS
Author :
Jin, Yong ; Yamai, Nariyoshi
Author_Institution :
Grad. Sch. of Natural Sci. & Technol., Okayama Univ., Okayama, Japan
Abstract :
With the popularity of the Internet services, network security becomes critical issue in the Internet world. Especially, the threats of malicious accesses make the firewall systems have to low down performance due to strict inspections. In this paper, we propose an adaptive firewall system in collaboration with DNS (Domain Name System) which introduces querier´s IP address notification feature. With such a feature, the proposal system can identify whether each communication flow can be trusted or not by checking the querier´s IP address and the DNS query target domain name. Then based on the result of checking, the firewall system adaptively decides specific operation for specific connection. Consequently, the trusted flows go through bypass route of higher bandwidth without heavy packet inspection while untrusted flows will be blocked or restricted by strict packet inspection. Thus, the firewall system totally accomplishes higher throughput.
Keywords :
Internet; computer network security; DNS query target domain name; IP address notification; Internet services; adaptive firewall system; domain name system; extended DNS; network security; packet inspection; Collaboration; IP networks; Inspection; Proposals; Protocols; Servers; Switches; DNS; Firewall System; Load Balancing;
Conference_Titel :
Applications and the Internet (SAINT), 2011 IEEE/IPSJ 11th International Symposium on
Conference_Location :
Munich, Bavaria
Print_ISBN :
978-1-4577-0531-1
Electronic_ISBN :
978-0-7695-4423-6
DOI :
10.1109/SAINT.2011.40
