A Study on the Automatic Configuration System for Firewall Blocking Rules Using IPS and NAT Session Mapping Information to Improve Network Web Service Attack Traffic Load in a Network Address Translation Environment 


Vol. 49,  No. 9, pp. 1337-1343, Sep.  2024
10.7840/kics.2024.49.9.1337


  Abstract

In an Internet web service environment, Layer 7 attacks are blocked by an IPS or WAF device installed in front of the web server. The attack traffic still flows from the router up to the IPS or WAF inside the network, causing network load and security threats. By monitoring the IPS or WAF, administrators can set blocking rules on the ingress firewall, but in real-world environments attacks change dynamically, and the attack IP addresses and ports change in a network address translation (NAT) environment, making it impossible to set blocking rules manually. In this study, we developed a system that configures firewall blocking rules automatically by collecting and analyzing IPS Layer 7 attack blocking information and NAT session information in real time in a NAT environment, and confirmed through experiments that it alleviates the internal network load and the security threats.
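The correlation step the abstract describes can be sketched as follows. This is an added example, not the authors' system: the record layouts, field names, hit threshold, allowlist and rule format are all assumptions, and the sample data is constructed. It maps each IPS block event back through the NAT session table to the pre-NAT source, using the session lifetime to handle reuse of translated ports.

```python
from collections import defaultdict
from typing import NamedTuple

class NatSession(NamedTuple):   # one NAT session-table row (layout assumed)
    orig_src: str               # client address as the ingress firewall sees it
    xlat_src: str               # translated source address as the IPS sees it
    xlat_sport: int
    dport: int
    start: float                # session lifetime, epoch seconds
    end: float
class IpsBlock(NamedTuple):     # one IPS Layer 7 block event (layout assumed)
    ts: float
    src: str
    sport: int
    dport: int
    signature: str

def resolve(ev, sessions, skew=1.0):
    """Session that owned the translated tuple at event time (ports get reused)."""
    for s in sessions:
        if ((s.xlat_src, s.xlat_sport, s.dport) == (ev.src, ev.sport, ev.dport)
                and s.start - skew <= ev.ts <= s.end + skew):
            return s
    return None

def build_rules(events, sessions, threshold=2, allowlist=frozenset()):
    """Return (ingress deny rules, IPS events that could not be mapped)."""
    hits, unresolved = defaultdict(set), []
    for ev in events:
        s = resolve(ev, sessions)
        if s is None:
            unresolved.append(ev)       # never guess a source for an unmapped event
        elif s.orig_src not in allowlist:
            hits[(s.orig_src, s.dport)].add((ev.ts, ev.signature))
    rules = [{"action": "deny", "src": src, "dst_port": dport, "hits": len(h)}
             for (src, dport), h in sorted(hits.items()) if len(h) >= threshold]
    return rules, unresolved

SESSIONS = [    # constructed sample data; translated port 40001 is reused
    NatSession("203.0.113.7", "10.0.0.1", 40001, 443, 100, 160),
    NatSession("203.0.113.7", "10.0.0.1", 40002, 443, 110, 170),
    NatSession("198.51.100.23", "10.0.0.1", 40001, 443, 200, 260),
]
EVENTS = [      # constructed IPS block events, in post-NAT terms
    IpsBlock(120, "10.0.0.1", 40001, 443, "sqli"),
    IpsBlock(130, "10.0.0.1", 40002, 443, "sqli"),
    IpsBlock(210, "10.0.0.1", 40001, 443, "xss"),
    IpsBlock(500, "10.0.0.1", 40009, 443, "sqli"),
]
```

With the sample data, `build_rules(EVENTS, SESSIONS)` yields a single deny rule for 203.0.113.7 and reports the last event as unmapped; the event at `ts=210` resolves to a different client even though it shares a translated port with the first.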

  Cite this article

[IEEE Style]

B. Son and M. Yoo, "A Study on the Automatic Configuration System for Firewall Blocking Rules Using IPS and NAT Session Mapping Information to Improve Network Web Service Attack Traffic Load in a Network Address Translation Environment," The Journal of Korean Institute of Communications and Information Sciences, vol. 49, no. 9, pp. 1337-1343, 2024. DOI: 10.7840/kics.2024.49.9.1337.

[ACM Style]

Byeong-hong Son and Myungsik Yoo. 2024. A Study on the Automatic Configuration System for Firewall Blocking Rules Using IPS and NAT Session Mapping Information to Improve Network Web Service Attack Traffic Load in a Network Address Translation Environment. The Journal of Korean Institute of Communications and Information Sciences, 49, 9, (2024), 1337-1343. DOI: 10.7840/kics.2024.49.9.1337.

[KICS Style]

Byeong-hong Son and Myungsik Yoo, "A Study on the Automatic Configuration System for Firewall Blocking Rules Using IPS and NAT Session Mapping Information to Improve Network Web Service Attack Traffic Load in a Network Address Translation Environment," The Journal of Korean Institute of Communications and Information Sciences, vol. 49, no. 9, pp. 1337-1343, 9. 2024. (https://doi.org/10.7840/kics.2024.49.9.1337)