Evaluation of Data Center Network Security based on Next-Generation Firewall

被引:0
作者
Alhasan A.J. [1 ]
Surantha N. [1 ]
机构
[1] Computer Science Department, BINUS Graduate Program-Master of Computer Science, Jakarta
来源
Alhasan, Andi Jehan | 1600年 / Science and Information Organization卷 / 12期
关键词
ICMP smurf attack; Network security; next-generation firewall; TCP SYN attack; UDP flood attack;
D O I
10.14569/IJACSA.2021.0120958
中图分类号
学科分类号
摘要
This study aims to create a network security system that can mitigate attacks carried out by internal users and reduce attacks from internal networks. Further, a network security system is expected to overcome the difficulty of mitigating attacks carried out by internal users. The goal of this research is to analyze the effectiveness of the Next-Generation Firewall implemented to improve network security. The method used in this research is the comparison method with a test of TCP SYN attack, UDP flood attack, ICMP smurf attack, and DHCP starvation attack on a company network. From the experiment results, it can be concluded that the Next-Generation Firewall has significantly better performance for protecting mitigating attacks carried out by internal users on a company network. It can increase the security of data communication networks against threats from the internal networks. © 2021. All Rights Reserved.
引用
收藏
页码:518 / 525
页数:7
相关论文
共 19 条
[1]  
Abubakar R., Aldegheishem A., Majeed M. F., Mehmood A., Maryam H., Alrajeh N. A., Jawad M., An Effective Mechanism to Mitigate Real-Time DDoS Attack, IEEE Access, 8, pp. 126215-126227, (2020)
[2]  
Ali A., Yousaf M. M., Novel Three-Tier Intrusion Detection and Prevention System in Software Defined Network, IEEE Access, 8, pp. 109662-109676, (2020)
[3]  
Alzahrani S., Hong L., Generation of DDoS attack dataset for effective ids development and evaluation, Journal of Information Security, 9, 4, pp. 225-241, (2018)
[4]  
Putra A. S., Surantha N., Internal Threat Defense using Network Access Control and Intrusion Prevention System, International Journal of Advanced Computer Science and Applications, 10, 9, (2019)
[5]  
Erlacher F., Dressler F., On High-Speed Flow-based Intrusion Detection using Snort-compatible Signatures, IEEE Transactions on Dependable and Secure Computing, (2020)
[6]  
Bul'ajoul W., James A., Shaikh S., A New Architecture For Network Intrusion Detection And Prevention, IEEE Access, 7, (2019)
[7]  
Kaur S., Singh M., Hybrid intrusion detection and signature generation using Deep Recurrent Neural Networks, Neural Computing and Applications, pp. 1-19, (2019)
[8]  
Duppa G., Surantha N., Evaluation of network security based on next-generation intrusion prevention system, Telkomnika, 17, 1, (2019)
[9]  
Ring M., Landes D., Hotho A., Detection of slow port scans in flow-based network traffic, PloS one, 13, 9, (2018)
[10]  
Rengaraju P., Ramanan V. R., Lung C. H., Detection and prevention of DoS attacks in Software-Defined Cloud networks, 2017 IEEE Conference on Dependable and Secure Computing, pp. 217-223, (2017)
12