| dc.description.abstract | In recent years, with the rapid development of the Internet, the range of various online services has been continuously expanding, making people′s lives and work inseparably connected to the network. However, this convenience also brings severe security challenges. Particularly, the threats of application layer attacks and Distributed Denial of Service (DDoS) attacks are becoming increasingly prominent, posing significant risks to the data security and privacy of enterprises and users.
Application layer attacks target network application layer protocols, often exploiting vulnerabilities in applications. Attackers may use these vulnerabilities to steal sensitive information, disrupt system operations, or even control systems for malicious purposes. DDoS attacks aim to paralyze normally functioning services, denying legitimate users access to them, resulting in substantial losses.
To solve these problems, this paper proposes an application firewall based on containerization and DPDK technology. Containerization technology enables rapid deployment and lightweight operation, while DPDK technology enhances packet processing efficiency. Combining these features, the proposed application firewall system significantly strengthens defensive capabilities, achieving a 5% performance improvement compared to native Linux, and effectively protects network application services from application layer attack threats. | en_US |