Transport layer proxy for stateful UDP packet filtering

Kow Chuen Chang, King P. Fung

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

3 Citations (Scopus)

Abstract

Firewall support for UDP traffic today is still insecure and inadequate. We propose in this paper a transport layer proxy (TLP) to provide a secure UDP firewall traversal service on the transport layer (the TLP supports TCP as well). For each UDP association with endpoints separated by a TLP server, the TLP server performs user-level or host-level authentication, packet filtering, packet relaying, optional network address translation, session logging, timing-out of idle association, and other security-related functions. The core of the TLP is a two-step TLP binding procedure that makes a UDP association stateful between a TLP client and a TLP server. This binding procedure supports Active UDP Open, Passive UDP Open, and Source-Specific UDP Open, which a local program may perform on a UDP socket.
Original languageEnglish
Title of host publicationProceedings - ISCC 2002
Subtitle of host publication7th International Symposium on Computers and Communications
Pages595-600
Number of pages6
DOIs
Publication statusPublished - 1 Dec 2002
Event7th International Symposium on Computers and Communications, ISCC 2002 - Taormina-Giardini Naxos, Italy
Duration: 1 Jul 20024 Jul 2002

Conference

Conference7th International Symposium on Computers and Communications, ISCC 2002
CountryItaly
CityTaormina-Giardini Naxos
Period1/07/024/07/02

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Software
  • Mathematics(all)
  • Signal Processing

Cite this