REFLO: Reactive firewall system with OpenFlow and flow monitoring system

REFLO: Reactive firewall system with OpenFlow and flow monitoring system

© 2017 IEEE. To maintain the high level of security, many organizations use Deep Packet Inspection (DPI) firewalls to filter anomaly traffic coming into their networks. However, a DPI firewall with a large volume of traffic can lead to a high packet drop rate, high delay, and the poor network throug...

Full description

Saved in:
Bibliographic Details
Main Authors: Vasaka Visoottiviseth, Suthasinee Lertviriyasawat, Peerada Suppiyatrakoon, Pattarajit Chitkornkitsil, Nariyoshi Yamai
Other Authors: Mahidol University
Format: Conference or Workshop Item
Published: 2018
Subjects:
Computer Science
Engineering
Online Access:https://repository.li.mahidol.ac.th/handle/123456789/42316
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Mahidol University
id th-mahidol.42316
record_format dspace
spelling th-mahidol.423162019-03-14T15:03:22Z REFLO: Reactive firewall system with OpenFlow and flow monitoring system Vasaka Visoottiviseth Suthasinee Lertviriyasawat Peerada Suppiyatrakoon Pattarajit Chitkornkitsil Nariyoshi Yamai Mahidol University Tokyo University of Agriculture and Technology Computer Science Engineering © 2017 IEEE. To maintain the high level of security, many organizations use Deep Packet Inspection (DPI) firewalls to filter anomaly traffic coming into their networks. However, a DPI firewall with a large volume of traffic can lead to a high packet drop rate, high delay, and the poor network throughput. One possible way to relieve the firewall workload is to deploy multiple firewalls and select only suspicious traffic to check with the firewall. To perform this task, we apply the Software Defined Network (SDN) concept by using the OpenFlow standard. We develop a system called Reactive Firewall System with OpenFlow and Flow Monitoring System (REFLO) to distribute traffic to multiple firewalls and bypass non-suspicious traffic. REFLO system is able to select the most appropriate firewall for each data flow based on the contents of the flow and rules set by administrators on the OpenFlow controller. In addition, REFLO allows administrators to easily monitor the network by visualizing the flow summarization and flow statistics on our web application. To verify the effectiveness of our system, we deploy OpenFlow switches by using the low-cost Raspberry Pi boards and deploy OpenFlow controller and the web application on an Ubuntu PC. Experimental results also confirm that REFLO can achieve the lower average packet delay and higher throughput than that of the existing firewall system. 2018-12-21T07:17:26Z 2019-03-14T08:03:22Z 2018-12-21T07:17:26Z 2019-03-14T08:03:22Z 2017-12-19 Conference Paper IEEE Region 10 Annual International Conference, Proceedings/TENCON. Vol.2017-December, (2017), 2273-2278 10.1109/TENCON.2017.8228240 21593450 21593442 2-s2.0-85044211666 https://repository.li.mahidol.ac.th/handle/123456789/42316 Mahidol University SCOPUS https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85044211666&origin=inward
institution Mahidol University
building Mahidol University Library
continent Asia
country Thailand
Thailand
content_provider Mahidol University Library
collection Mahidol University Institutional Repository
topic Computer Science
Engineering
spellingShingle Computer Science
Engineering
Vasaka Visoottiviseth
Suthasinee Lertviriyasawat
Peerada Suppiyatrakoon
Pattarajit Chitkornkitsil
Nariyoshi Yamai
REFLO: Reactive firewall system with OpenFlow and flow monitoring system
description © 2017 IEEE. To maintain the high level of security, many organizations use Deep Packet Inspection (DPI) firewalls to filter anomaly traffic coming into their networks. However, a DPI firewall with a large volume of traffic can lead to a high packet drop rate, high delay, and the poor network throughput. One possible way to relieve the firewall workload is to deploy multiple firewalls and select only suspicious traffic to check with the firewall. To perform this task, we apply the Software Defined Network (SDN) concept by using the OpenFlow standard. We develop a system called Reactive Firewall System with OpenFlow and Flow Monitoring System (REFLO) to distribute traffic to multiple firewalls and bypass non-suspicious traffic. REFLO system is able to select the most appropriate firewall for each data flow based on the contents of the flow and rules set by administrators on the OpenFlow controller. In addition, REFLO allows administrators to easily monitor the network by visualizing the flow summarization and flow statistics on our web application. To verify the effectiveness of our system, we deploy OpenFlow switches by using the low-cost Raspberry Pi boards and deploy OpenFlow controller and the web application on an Ubuntu PC. Experimental results also confirm that REFLO can achieve the lower average packet delay and higher throughput than that of the existing firewall system.
author2 Mahidol University
author_facet Mahidol University
Vasaka Visoottiviseth
Suthasinee Lertviriyasawat
Peerada Suppiyatrakoon
Pattarajit Chitkornkitsil
Nariyoshi Yamai
format Conference or Workshop Item
author Vasaka Visoottiviseth
Suthasinee Lertviriyasawat
Peerada Suppiyatrakoon
Pattarajit Chitkornkitsil
Nariyoshi Yamai
author_sort Vasaka Visoottiviseth
title REFLO: Reactive firewall system with OpenFlow and flow monitoring system
title_short REFLO: Reactive firewall system with OpenFlow and flow monitoring system
title_full REFLO: Reactive firewall system with OpenFlow and flow monitoring system
title_fullStr REFLO: Reactive firewall system with OpenFlow and flow monitoring system
title_full_unstemmed REFLO: Reactive firewall system with OpenFlow and flow monitoring system
title_sort reflo: reactive firewall system with openflow and flow monitoring system
publishDate 2018
url https://repository.li.mahidol.ac.th/handle/123456789/42316
_version_ 1763498009304236032

Similar Items