A Tunnel-Aware Language for Network Packet Filtering

Author

Ciminiera, Luigi ; Leogrande, Marco ; Liu, Ju ; Risso, Fulvio ; Morandi, Olivier

Author_Institution

Dipt. di Autom. e Inf., Politec. di Torino, Torino, Italy

fYear

2010

fDate

6-10 Dec. 2010

Firstpage

1

Lastpage

6

Abstract

While in computer networks the number of possible protocol encapsulations is growing day after day, network admin- istrators face ever increasing difficulties in selecting accurately the traffic they need to inspect. This is mainly caused by the limited number of encapsulations supported by currently available tools and the difficulty to exactly specify which packets have to be analyzed, especially in presence of tunneled traffic. This paper presents a novel packet processing language that, besides Boolean filtering predicates, introduces special constructs for handling the more complex situations of tunneled and stacked encapsulations, giving the user a finer control over the semantics of a filtering expression. Even though this language is principally focused on packet filters, it is designed to support other advanced packet processing mechanisms such as traffic classification and field extraction.

Keywords

Boolean algebra; computer network security; data encapsulation; filtering theory; protocols; telecommunication traffic; Boolean filtering; computer networks; network administrator; network packet filtering; packet processing language; protocol encapsulation; stacked encapsulation; tunnel-aware language; tunneled encapsulation; tunneled traffic; Context; Databases; Encapsulation; IP networks; Protocols; Syntactics; Tunneling;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Telecommunications Conference (GLOBECOM 2010), 2010 IEEE

Conference_Location

Miami, FL

ISSN

1930-529X

Print_ISBN

978-1-4244-5636-9

Electronic_ISBN

1930-529X

Type

conf

DOI

10.1109/GLOCOM.2010.5683161

Filename

5683161