2015 Fiscal Year Final Research Report
Proactive Firewall System in Cooperation with DNS
| Project/Area Number |
25330105
|
|---|
| Research Category |
Grant-in-Aid for Scientific Research (C)
|
| Allocation Type | Multi-year Fund |
|---|
| Section | 一般 |
|---|
| Research Field |
Information network
|
|---|
| Research Institution | Okayama University |
|---|
Principal Investigator |
|
|---|
| Co-Investigator(Kenkyū-buntansha) |
YAMAI Nariyoshi 東京農工大学, 工学(系)研究科(研究院), 教授 (90210319)
|
|---|
| Project Period (FY) |
2013-04-01 – 2016-03-31
|
| Keywords | DNS / ファイアウォール |
|---|
| Outline of Final Research Achievements |
With the popularity of the Internet services, network security becomes critical issue in the Internet world. Especially, the threats of malicious accesses make the firewall systems have to low down performance due to strict inspections. In this study, we propose an adaptive firewall system in collaboration with DNS (Domain Name System) which introduces querier's IP address notification feature. With such a feature, the proposal system can identify whether each communication flow can be trusted or not by checking the querier's IP address and the DNS query target domain name. Then based on the result of checking, the firewall system adaptively decides specific operation for specific connection. Consequently, the trusted flows go through bypass route of higher bandwidth without heavy packet inspection while untrusted flows will be blocked or restricted by strict packet inspection. Thus, the firewall system totally accomplishes higher throughput.
|
| Free Research Field |
情報ネットワーク
|
