Title :
A Study on Application Layer Classification for Firewalls Using Regular Expression Matching
Author :
Marpaung, Jonathan A. P. ; Bhakti, M. Agni Catur ; Yazid, Setiadi
Author_Institution :
Fac. of Sci. & Technol., Univ. Siswa Bangsa Int., Jakarta, Indonesia
Abstract :
Traditional network level firewalls, based on port and IP addresses, are inadequate for dealing with the development of applications and protocols that do not follow the conventions of port services established by IANA (Internet Assigned Numbers Authority). Therefore firewalls capable of accurately classifying and filtering connections based on application information are needed. This paper studies one such firewall using Netfilter/Iptables with the L7-filter packet classifier to perform application layer filtering. This packet classifier uses regular expressions to match applications with a protocol definition database. We analyze a video streaming protocol, the Adobe Real Time Messaging Protocol (RTMP), to produce a protocol definition. Analysis of the performance of the protocol definition and L7-filter usage in general in a simulated network environment shows that this implementation functions well and does not disrupt network performance.
Keywords :
Internet; firewalls; pattern classification; protocols; Adobe Real Time Messaging Protocol; IANA; IP address; Internet Assigned Numbers Authority; L7-filter packet classifier; Netfilter-Iptables; RTMP; application layer classification; application layer filtering; network level firewalls; port services; protocol definition database; regular expression matching; video streaming protocol; Documentation; Ports (Computers); Protocols; Servers; Software; Telecommunication traffic; Application Layer Classification; Firewall; L7-filter; Netfilter/Iptables; Real Time Messaging Protocol;
Conference_Titel :
Advanced Computer Science Applications and Technologies (ACSAT), 2013 International Conference on
Conference_Location :
Kuching
DOI :
10.1109/ACSAT.2013.88
