Research on Firewalls, Intrusion Detection Systems, and Monitoring Solutions Compatible with QUIC's Encryption and Evolving Protocol Features
DOI:
https://doi.org/10.63282/3050-9416.IJAIBDCMS-V5I2P110Keywords:
QUIC protocol, firewalls, intrusion detection systems, encrypted traffic, network monitoring, telemetry, deep packet inspection, network securityAbstract
The QUIC (Quick UDP Internet Connections) protocol, formerly created by Google and now standardized by the IETF, is a fundamental change in internet communication, since it allows Transport and Cryptographic Handshake to be merged in one protocol. It is precedence-based on efficiency and protection, using capabilities such as multiplexing, connection migration and extensive encryption of data, including encrypted headers. Although QUIC greatly enhances user experience and security, it adds special obstacles to the classical network security devices, including firewalls, Intrusion Detection Systems (IDS), and monitoring solutions. They are what are referred to as legacy systems, constructed mainly to pass TCP/IP traffic with easily accessible headers and traffic payload. The present research paper examines the problems that QUIC poses to the current network security measures and proceeds to research the enlightened security tools that can work without inflicting incompatibility on the QUIC architecture. We then present a detailed review of the QUIC protocol, discussing what makes it difficult to be inspected and blocked by network security appliances. A literature survey is carried out in order to investigate existing research on such problems. Behavior-based methods of intrusion detection, machine learning to classify encrypted traffic, and endpoint collaboration will be discussed. We describe testing of contemporary QUIC-savvy firewalls and IDS implementations and introduce a platform that combines encrypted traffic scanning capabilities through any telemetry and metadata investigation. Our findings are presented with the use of flowcharts, diagrams, and tables. In the end, the paper would give researchers and practitioners practical use of steps towards the creation or adaptation of network security tools during the era of encrypted transport protocols such as QUIC
References
1. Iyengar, J., & Thomson, M. (2021). QUIC: A UDP-based multiplexed and secure transport. In RFC 9000.
2. Langley, A., Riddoch, A., Wilk, A., Vicente, A., Krasic, C., Zhang, D., ... & Shi, Z. (2017, August). The Quick Transport Protocol: Design and Internet-Scale Deployment. In Proceedings of the conference of the ACM special interest group on data communication (pp. 183-196).
3. Böttger, T., Cuadrado, F., Antichi, G., Fernandes, E. L., Tyson, G., Castro, I., & Uhlig, S. (2019, October). An Empirical Study of the Cost of DNS-over-HTTPS. In Proceedings of the Internet Measurement Conference (pp. 15-21).
4. Lotfollahi, M., Jafari Siavoshani, M., Shirali Hossein Zade, R., & Saberian, M. (2020). Deep packet: A novel approach for encrypted traffic classification using deep learning. Soft Computing, 24(3), 1999-2012.
5. Alshammari, R., & Zincir-Heywood, A. N. (2011). Can encrypted traffic be identified without port numbers, IP addresses and payload inspection?. Computer networks, 55(6), 1326-1350.
6. Kakhki, A. M., Jero, S., Choffnes, D., Nita-Rotaru, C., & Mislove, A. (2017, November). Taking a long look at QUIC: an approach for rigorous evaluation of rapidly evolving transport protocols. In Proceedings of the 2017 Internet Measurement Conference (pp. 290-303).
7. Este, A., Gringoli, F., & Salgarelli, L. (2009). Support Vector Machines for TCP Traffic Classification. Computer Networks, 53(14), 2476-2490.
8. Bittau, A., Hamburg, M., Handley, M., Mazieres, D., & Boneh, D. (2010). The case for ubiquitous {Transport-Level} encryption. In the 19th USENIX Security Symposium (USENIX Security 10).
9. Holz, R., Amann, J., Mehani, O., Wachs, M., & Kaafar, M. A. (2015). TLS in the wild: An Internet-wide analysis of TLS-based protocols for electronic communication. arXiv preprint arXiv:1511.00341.
10. Dhanjani, N., & Clarke, J. (2005). Network Security Tools: Writing, Hacking, and Modifying Security Tools. " O'Reilly Media, Inc.".
11. Pavur, J., Strohmeier, M., Lenders, V., & Martinovic, I. (2020). QPEP: A QUIC-based approach to encrypted performance-enhancing proxies for high-latency satellite broadband. arXiv preprint arXiv:2002.05091.
12. Chatzoglou, E., Kouliaridis, V., Karopoulos, G., & Kambourakis, G. (2023). Revisiting QUIC attacks: A comprehensive review on QUIC security and a hands-on study. International Journal of Information Security, 22(2), 347-365.
13. Lychev, R., Jero, S., Boldyreva, A., & Nita-Rotaru, C. (2015, May). How secure and quick is QUIC? Provable security and performance analyses. In 2015 IEEE Symposium on Security and Privacy (pp. 214-231). IEEE.
14. Cui, Y., Li, T., Liu, C., Wang, X., & Kühlewind, M. (2017). Innovating transport with QUIC: Design approaches and research challenges. IEEE Internet Computing, 21(2), 72-76.
15. Kumar, P., & Dezfouli, B. (2019). Implementation and analysis of QUIC for MQTT. Computer Networks, 150, 28-45.
16. Soni, M., & Rajput, B. S. (2020). Security and Performance Evaluations of the QUIC Protocol. In Data Science and Intelligent Applications: Proceedings of ICDSIA 2020 (pp. 457-462). Singapore: Springer Singapore.
17. Rüth, J., Poese, I., Dietzel, C., & Hohlfeld, O. (2018, March). A First Look at QUIC in the Wild. In International Conference on Passive and Active Network Measurement (pp. 255-268). Cham: Springer International Publishing.
18. Joarder, Y. A., & Fung, C. (2022, October). A Survey on the Security Issues of QUIC. In 2022, 6th Cyber Security in Networking Conference (CSNet) (pp. 1-8). IEEE.
19. Al-Bakhat, L., & Almuhammadi, S. (2022, March). Intrusion detection on Quic Traffic: A machine learning approach. In 2022 7th International Conference on Data Science and Machine Learning Applications (CDMA) (pp. 194-199). IEEE.
20. Chakir, O., Sadqi, Y., & Maleh, Y. (2023). Evaluation of open-source web application firewalls for cyber threat intelligence. In Big Data Analytics and Intelligent Systems for Cyber Threat Intelligence (pp. 35-48). River Publishers.
21. Rusum, G. P., Pappula, K. K., & Anasuri, S. (2020). Constraint Solving at Scale: Optimizing Performance in Complex Parametric Assemblies. International Journal of Emerging Trends in Computer Science and Information Technology, 1(2), 47-55. https://doi.org/10.63282/3050-9246.IJETCSIT-V1I2P106
22. Pappula, K. K. (2020). Browser-Based Parametric Modeling: Bridging Web Technologies with CAD Kernels. International Journal of Emerging Trends in Computer Science and Information Technology, 1(3), 56-67. https://doi.org/10.63282/3050-9246.IJETCSIT-V1I3P107
23. Rahul, N. (2020). Optimizing Claims Reserves and Payments with AI: Predictive Models for Financial Accuracy. International Journal of Emerging Trends in Computer Science and Information Technology, 1(3), 46-55. https://doi.org/10.63282/3050-9246.IJETCSIT-V1I3P106
24. Enjam, G. R., & Chandragowda, S. C. (2020). Role-Based Access and Encryption in Multi-Tenant Insurance Architectures. International Journal of Emerging Trends in Computer Science and Information Technology, 1(4), 58-66. https://doi.org/10.63282/3050-9246.IJETCSIT-V1I4P107
25. Pappula, K. K. (2021). Modern CI/CD in Full-Stack Environments: Lessons from Source Control Migrations. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 2(4), 51-59. https://doi.org/10.63282/3050-9262.IJAIDSML-V2I4P106
26. Pedda Muntala, P. S. R. (2021). Prescriptive AI in Procurement: Using Oracle AI to Recommend Optimal Supplier Decisions. International Journal of AI, BigData, Computational and Management Studies, 2(1), 76-87. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V2I1P108
27. Rahul, N. (2021). Strengthening Fraud Prevention with AI in P&C Insurance: Enhancing Cyber Resilience. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 2(1), 43-53. https://doi.org/10.63282/3050-9262.IJAIDSML-V2I1P106
28. Enjam, G. R., Chandragowda, S. C., & Tekale, K. M. (2021). Loss Ratio Optimization using Data-Driven Portfolio Segmentation. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 2(1), 54-62. https://doi.org/10.63282/3050-9262.IJAIDSML-V2I1P107
29. Rusum, G. P., & Pappula, K. K. (2022). Federated Learning in Practice: Building Collaborative Models While Preserving Privacy. International Journal of Emerging Research in Engineering and Technology, 3(2), 79-88. https://doi.org/10.63282/3050-922X.IJERET-V3I2P109
30. Pappula, K. K. (2022). Modular Monoliths in Practice: A Middle Ground for Growing Product Teams. International Journal of Emerging Trends in Computer Science and Information Technology, 3(4), 53-63. https://doi.org/10.63282/3050-9246.IJETCSIT-V3I4P106
31. Anasuri, S. (2022). Next-Gen DNS and Security Challenges in IoT Ecosystems. International Journal of Emerging Research in Engineering and Technology, 3(2), 89-98. https://doi.org/10.63282/3050-922X.IJERET-V3I2P110
32. Pedda Muntala, P. S. R. (2022). Detecting and Preventing Fraud in Oracle Cloud ERP Financials with Machine Learning. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(4), 57-67. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I4P107
33. Rahul, N. (2022). Enhancing Claims Processing with AI: Boosting Operational Efficiency in P&C Insurance. International Journal of Emerging Trends in Computer Science and Information Technology, 3(4), 77-86. https://doi.org/10.63282/3050-9246.IJETCSIT-V3I4P108
34. Enjam, G. R., & Tekale, K. M. (2022). Predictive Analytics for Claims Lifecycle Optimization in Cloud-Native Platforms. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(1), 95-104. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I1P110
35. Rusum, G. P., & Pappula, K. K. (2023). Low-Code and No-Code Evolution: Empowering Domain Experts with Declarative AI Interfaces. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 4(2), 105-112. https://doi.org/10.63282/3050-9262.IJAIDSML-V4I2P112
36. Pappula, K. K., & Rusum, G. P. (2023). Multi-Modal AI for Structured Data Extraction from Documents. International Journal of Emerging Research in Engineering and Technology, 4(3), 75-86. https://doi.org/10.63282/3050-922X.IJERET-V4I3P109
37. Anasuri, S. (2023). Confidential Computing Using Trusted Execution Environments. International Journal of AI, BigData, Computational and Management Studies, 4(2), 97-110. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V4I2P111
38. Pedda Muntala, P. S. R., & Jangam, S. K. (2023). Context-Aware AI Assistants in Oracle Fusion ERP for Real-Time Decision Support. International Journal of Emerging Trends in Computer Science and Information Technology, 4(1), 75-84. https://doi.org/10.63282/3050-9246.IJETCSIT-V4I1P109
39. Rahul, N. (2023). Transforming Underwriting with AI: Evolving Risk Assessment and Policy Pricing in P&C Insurance. International Journal of AI, BigData, Computational and Management Studies, 4(3), 92-101. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V4I3P110
40. Enjam, G. R. (2023). AI Governance in Regulated Cloud-Native Insurance Platforms. International Journal of AI, BigData, Computational and Management Studies, 4(3), 102-111. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V4I3P111
41. Pappula, K. K., & Rusum, G. P. (2020). Custom CAD Plugin Architecture for Enforcing Industry-Specific Design Standards. International Journal of AI, BigData, Computational and Management Studies, 1(4), 19-28. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V1I4P103
42. Rahul, N. (2020). Vehicle and Property Loss Assessment with AI: Automating Damage Estimations in Claims. International Journal of Emerging Research in Engineering and Technology, 1(4), 38-46. https://doi.org/10.63282/3050-922X.IJERET-V1I4P105
43. Enjam, G. R., & Tekale, K. M. (2020). Transitioning from Monolith to Microservices in Policy Administration. International Journal of Emerging Research in Engineering and Technology, 1(3), 45-52. https://doi.org/10.63282/3050-922X.IJERETV1I3P106
44. Pappula, K. K., & Anasuri, S. (2021). API Composition at Scale: GraphQL Federation vs. REST Aggregation. International Journal of Emerging Trends in Computer Science and Information Technology, 2(2), 54-64. https://doi.org/10.63282/3050-9246.IJETCSIT-V2I2P107
45. Pedda Muntala, P. S. R., & Jangam, S. K. (2021). Real-time Decision-Making in Fusion ERP Using Streaming Data and AI. International Journal of Emerging Research in Engineering and Technology, 2(2), 55-63. https://doi.org/10.63282/3050-922X.IJERET-V2I2P108
46. Rahul, N. (2021). AI-Enhanced API Integrations: Advancing Guidewire Ecosystems with Real-Time Data. International Journal of Emerging Research in Engineering and Technology, 2(1), 57-66. https://doi.org/10.63282/3050-922X.IJERET-V2I1P107
47. Enjam, G. R., & Chandragowda, S. C. (2021). RESTful API Design for Modular Insurance Platforms. International Journal of Emerging Research in Engineering and Technology, 2(3), 71-78. https://doi.org/10.63282/3050-922X.IJERET-V2I3P108
48. Rusum, G. P. (2022). Security-as-Code: Embedding Policy-Driven Security in CI/CD Workflows. International Journal of AI, BigData, Computational and Management Studies, 3(2), 81-88. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V3I2P108
49. Pappula, K. K. (2022). Containerized Zero-Downtime Deployments in Full-Stack Systems. International Journal of AI, BigData, Computational and Management Studies, 3(4), 60-69. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V3I4P107
50. Anasuri, S. (2022). Zero-Trust Architectures for Multi-Cloud Environments. International Journal of Emerging Trends in Computer Science and Information Technology, 3(4), 64-76. https://doi.org/10.63282/3050-9246.IJETCSIT-V3I4P107
51. Pedda Muntala, P. S. R., & Karri, N. (2022). Using Oracle Fusion Analytics Warehouse (FAW) and ML to Improve KPI Visibility and Business Outcomes. International Journal of AI, BigData, Computational and Management Studies, 3(1), 79-88. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V3I1P109
52. Rahul, N. (2022). Optimizing Rating Engines through AI and Machine Learning: Revolutionizing Pricing Precision. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(3), 93-101. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I3P110
53. Enjam, G. R. (2022). Secure Data Masking Strategies for Cloud-Native Insurance Systems. International Journal of Emerging Trends in Computer Science and Information Technology, 3(2), 87-94. https://doi.org/10.63282/3050-9246.IJETCSIT-V3I2P109
54. Rusum, G. P. (2023). Large Language Models in IDEs: Context-Aware Coding, Refactoring, and Documentation. International Journal of Emerging Trends in Computer Science and Information Technology, 4(2), 101-110. https://doi.org/10.63282/3050-9246.IJETCSIT-V4I2P110
55. Pappula, K. K. (2023). Edge-Deployed Computer Vision for Real-Time Defect Detection. International Journal of AI, BigData, Computational and Management Studies, 4(3), 72-81. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V4I3P108
56. Anasuri, S., & Pappula, K. K. (2023). Green HPC: Carbon-Aware Scheduling in Cloud Data Centers. International Journal of Emerging Research in Engineering and Technology, 4(2), 106-114. https://doi.org/10.63282/3050-922X.IJERET-V4I2P111
57. Reddy Pedda Muntala , P. S. (2025). Process Automation in Oracle Fusion Cloud Using AI Agents. International Journal of Emerging Research in Engineering and Technology, 4(4), 112-119. https://doi.org/10.63282/3050-922X.IJERET-V4I4P111
58. Rahul, N. (2023). Personalizing Policies with AI: Improving Customer Experience and Risk Assessment. International Journal of Emerging Trends in Computer Science and Information Technology, 4(1), 85-94. https://doi.org/10.63282/3050-9246.IJETCSIT-V4I1P110
59. Enjam, G. R. (2023). Optimizing PostgreSQL for High-Volume Insurance Transactions & Secure Backup and Restore Strategies for Databases. International Journal of Emerging Trends in Computer Science and Information Technology, 4(1), 104-111. https://doi.org/10.63282/3050-9246.IJETCSIT-V4I1P112
60. Pappula, K. K., Anasuri, S., & Rusum, G. P. (2021). Building Observability into Full-Stack Systems: Metrics That Matter. International Journal of Emerging Research in Engineering and Technology, 2(4), 48-58. https://doi.org/10.63282/3050-922X.IJERET-V2I4P106
61. Pedda Muntala, P. S. R., & Karri, N. (2021). Leveraging Oracle Fusion ERP’s Embedded AI for Predictive Financial Forecasting. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 2(3), 74-82. https://doi.org/10.63282/3050-9262.IJAIDSML-V2I3P108
62. Rusum, G. P. (2022). WebAssembly across Platforms: Running Native Apps in the Browser, Cloud, and Edge. International Journal of Emerging Trends in Computer Science and Information Technology, 3(1), 107-115. https://doi.org/10.63282/3050-9246.IJETCSIT-V3I1P112
63. Anasuri, S. (2022). Adversarial Attacks and Defenses in Deep Neural Networks. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(4), 77-85. https://doi.org/10.63282/xs971f03
64. Pedda Muntala, P. S. R. (2022). Anomaly Detection in Expense Management using Oracle AI Services. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(1), 87-94. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I1P109
65. Rusum, G. P., & Anasuri, S. (2023). Composable Enterprise Architecture: A New Paradigm for Modular Software Design. International Journal of Emerging Research in Engineering and Technology, 4(1), 99-111. https://doi.org/10.63282/3050-922X.IJERET-V4I1P111
66. Anasuri, S. (2023). Secure Software Supply Chains in Open-Source Ecosystems. International Journal of Emerging Trends in Computer Science and Information Technology, 4(1), 62-74. https://doi.org/10.63282/3050-9246.IJETCSIT-V4I1P108
67. Pedda Muntala, P. S. R., & Karri, N. (2023). Leveraging Oracle Digital Assistant (ODA) to Automate ERP Transactions and Improve User Productivity. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 4(4), 97-104. https://doi.org/10.63282/3050-9262.IJAIDSML-V4I4P111
68. Enjam, G. R. (2023). Modernizing Legacy Insurance Systems with Microservices on Guidewire Cloud Platform. International Journal of Emerging Research in Engineering and Technology, 4(4), 90-100. https://doi.org/10.63282/3050-922X.IJERET-V4I4P109
