A study of enterprise software support on NDPI
Next Generation Firewall (NGFW) adds new capabilities of a standard fire-wall with an ability to inspect packets' contents, thus increasing precision. Three main usages of NGFW are to improve the Quality of Service (QoS) of a business, as an application-based filtering firewall, and to protect the network from known malware. A complete NGFW system has three main components: Deep Packet Inspection (DPI), Intrusion Prevention System (IPS), and an extra-firewall intelligence mechanism. Out of these three components, an essential part is the Packet Inspection engine. One example of open-source DPI implementations is called nDPI. The purpose of this thesis is to design and implement protocols needed by nDPI so that it has better enterprise-grade software support. To achieve this, this thesis analyzes 5 (five) various applications and their unique identifiers in each of the packets. Then, an additional set of rules will be added to the existing one. To test and validate, there will be a measurement of precision and performance of nDPI compared to the original, and to the commercial implementation of NGFW. As the result, it is proven that nDPI can be improved with new protocols at more than 90% of accuracy, with CPU execution time increase of less than 3,5% and less than 1% of peak heap memory increase.
Availability
| B2490 | Available |
Detail Information
- Series Title
-
-
- Call Number
-
2490
- Publisher
- : Swiss German University., 2017
- Collation
-
-
- Language
-
English
- ISBN/ISSN
-
-
- Classification
-
NONE
- Content Type
-
-
- Media Type
-
-
- Carrier Type
-
-
- Edition
-
-
- Subject(s)
- Specific Detail Info
-
-
- Statement of Responsibility
-
-
Other version/related
No other version available
File Attachment
Comments
You must be logged in to post a comment
Computer Science, Information & General Works 
Philosophy & Psychology 
Religion 
Social Sciences 
Language 
Pure Science 
Applied Sciences 
Art & Recreation 
Literature 
History & Geography