| Presentation | 2017-05-12 [Invited Lecture] Implementing a distributive virtual firewall using OpenFlow Eitetsu Gen, Junichi Murayama, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Recently, DNS amplification attacks to a targeted server is occurring frequently. Those attacks also cause congestion of the targeted network that accommodate the targeted server. To solve this problem, we have proposed a virtual firewall scheme. In this scheme, firewall functions are distributively located at the border routers of provider networks. Those functions are required to achieve dynamic packet filtering by way of their cooperation. To meet this requirement, we propose a scheme to implement this cooperate function using OpenFlow technology. In this implementation, a single OpenFlow controller accommodates multiple OpenFlow switches. The switch operates as a firewall function. The controller notifies all switches of the same filtering status information. This approach achieves distributive dynamic packet filtering. According to our prototype implementation, we confirmed that the DNS response packet passed through the firewall function appropriately even when DNS request packet and its response packet transferred via different firewall functions. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | DNS amp Attack / OpenFlow / reflector / firewall / dynamic packet filtering |
| Paper # | IN2017-11,RCS2017-49 |
| Date of Issue | 2017-05-04 (IN, RCS) |
| Conference Information | |
| Committee | RCS / IN |
|---|---|
| Conference Date | 2017/5/11(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Kikai-Shinko-Kaikan Bldg. |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Hidekazu Murata(Kyoto Univ.) / Katsunori Yamaoka(Tokyo Inst. of Tech.) |
| Vice Chair | Satoshi Denno(Okayama Univ.) / Yukitoshi Sanada(Keio Univ.) / Eisuke Fukuda(Fujitsu Labs.) / Takuji Kishida(NTT) |
| Secretary | Satoshi Denno(Toshiba) / Yukitoshi Sanada(NTT DoCoMo) / Eisuke Fukuda(KDDI R&D Labs.) / Takuji Kishida(NTT) |
| Assistant | Tetsuya Yamamoto(Panasonic) / Toshihiko Nishimura(Hokkaido Univ.) / Koichi Ishihara(NTT) / Kazushi Muraoka(NEC) / Shinsuke Ibi(Osaka Univ.) / Kunitake Kaneko(Keio Univ.) / Hiroaki Karasawa(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Radio Communication Systems / Technical Committee on Information Networks |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | [Invited Lecture] Implementing a distributive virtual firewall using OpenFlow |
| Sub Title (in English) | |
| Keyword(1) | DNS amp Attack |
| Keyword(2) | OpenFlow |
| Keyword(3) | reflector |
| Keyword(4) | firewall |
| Keyword(5) | dynamic packet filtering |
| 1st Author's Name | Eitetsu Gen |
| 1st Author's Affiliation | Tokai University(Tokai Univ.) |
| 2nd Author's Name | Junichi Murayama |
| 2nd Author's Affiliation | Tokai University(Tokai Univ.) |
| Date | 2017-05-12 |
| Paper # | IN2017-11,RCS2017-49 |
| Volume (vol) | vol.117 |
| Number (no) | IN-21,RCS-22 |
| Page | pp.pp.55-58(IN), pp.109-112(RCS), |
| #Pages | 4 |
| Date of Issue | 2017-05-04 (IN, RCS) |