Presentation | 2019-12-19 Implementation and Evaluation of Firewall Traversal Method by Inserting Pseudo TCP Header on End-nodes Keigo Taga, Kouichi Mouri, Junjun Zheng, Shoichi Saito, Eiji Takimoto, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | A wide range of communication protocols has been developed recently to address service diversification. At the same time, firewalls(FWs) are installed at the boundary between internal networks such as those owned by companies and homes, and the Internet. In general, FWs are configured as whitelists, and release only the port corresponding to the service to be used and block communication from other ports. In previous study, we proposed the method for traversing an FW and enabling communication by inserting a pseudo TCP header imitating HTTPS into a packet, which will be blocked by the FW. We confirmed the efficiency of the proposed method via its implementation and experiments in our previous work. Although common capsulating techniques work on end nodes, the previous implementation works on the relay node assuming a router. Furthermore, middleboxes which overwrite L3 and L4 headers in Internet should be taken into account. Thus, we added the feature against a typical middlebox, i.e. NAPT, into the previous work. In this paper, we describe the functional confirmation and the the performance evaluations of the both versions. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | QUIC / Firewall / TCP / Capsuling |
Paper # | IN2019-47 |
Date of Issue | 2019-12-12 (IN) |
Conference Information | |
Committee | IN / IA |
---|---|
Conference Date | 2019/12/19(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Satellite Campus Hiroshima |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Performance Analysis and Simulation, Robustness, Traffic and Throughput Measurement, Quality of Service (QoS) Control, Congestion Control, Overlay Network/P2P, IPv6, Multicast, Routing, DDoS, etc. |
Chair | Takuji Kishida(NTT-AT) / Hiroyuki Osaki(Kwansei Gakuin Univ.) |
Vice Chair | Kenji Ishida(Hiroshima City Univ.) / Rei Atarashi(IIJ) / Toru Kondo(Hiroshima Univ.) / Hiroshi Yamamoto(Ritsumeikan Univ.) |
Secretary | Kenji Ishida(NTT Communications) / Rei Atarashi(NTT) / Toru Kondo(Hiroshima City Univ.) / Hiroshi Yamamoto(KDDI Research) |
Assistant | / Kenji Ohira(Osaka Univ.) / Daiki Nobayashi(Kyushu Inst. of Tech.) / Ryohei Banno(Tokyo Inst. of Tech.) |
Paper Information | |
Registration To | Technical Committee on Information Networks / Technical Committee on Internet Architecture |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Implementation and Evaluation of Firewall Traversal Method by Inserting Pseudo TCP Header on End-nodes |
Sub Title (in English) | |
Keyword(1) | QUIC |
Keyword(2) | Firewall |
Keyword(3) | TCP |
Keyword(4) | Capsuling |
1st Author's Name | Keigo Taga |
1st Author's Affiliation | Ritsumeikan University(Ritsumei Univ) |
2nd Author's Name | Kouichi Mouri |
2nd Author's Affiliation | Ritsumeikan University(Ritsumei Univ) |
3rd Author's Name | Junjun Zheng |
3rd Author's Affiliation | Ritsumeikan University(Ritsumei Univ) |
4th Author's Name | Shoichi Saito |
4th Author's Affiliation | Nagoya Institute of Technology(NIT) |
5th Author's Name | Eiji Takimoto |
5th Author's Affiliation | Ritsumeikan University(Ritsumei Univ) |
Date | 2019-12-19 |
Paper # | IN2019-47 |
Volume (vol) | vol.119 |
Number (no) | IN-342 |
Page | pp.pp.13-18(IN), |
#Pages | 6 |
Date of Issue | 2019-12-12 (IN) |