|
Identifier |
uch.csd.msc//2004charitakis |
Title |
Εφαρμογές του Επεξεργαστή Δικτύου IXP 1200 σε συστήματα ανίχνευσης Εισβολέων για Δίκτυα |
Alternative Title |
Using the IXP 1200 Network processor in Network intrusion detection systems |
Creator |
Charitakis, Ioannis
|
Abstract |
Network Processors and Network Intrusion Detection Systems constitute two rather new and rapidly evolving areas of networking. In this thesis we explore the use of the IXP Network Processor in two aspects of Network Intrusion Detection: Packet Header Analysis and distributed Network Intrusion Detection infrastructure. Regarding the former, we present a software architecture to enable fast packet header intrusion analysis on the IXP 1200. Along with this architecture, the S2I tool was developed. The S2I tool transforms header descriptions of malicious packets written in a high level language to low level efficient code for the IXP 1200. Altogether, the software architecture and the S2I tool, form a first step toward incorporating the IXP 1200 in Network Intrusion Detection Systems. Regarding distributed Network Intrusion Systems, we present the architecture of an Active Splitter for splitting intelligently the traffic to many Network Intrusion Detection Systems operating in parallel. The Active Splitter employs early filtering and Locality Buffers in order to improve performance of each Network Intrusion Detection System, as well as the performance of the system as a whole. The Active Splitter concept was initially studied extensively using simulations before moving on its implementation on the IXP 1200. During studying we concluded that overall system performance can be improved up to 20%. Once the benefits of the Active Splitter were clear, it was implemented using the IXP 1200. Moreover the IXP 1200 implementation was verified in real hardware, and the benefits of using it were reproduced.
|
Subject |
security, intrusion detection, load sharing, network processors, packet, |
Issue date |
2004-04-01 |
Date available |
2004-05-14 |
Collection
|
School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
|
|
Type of Work--Post-graduate theses
|
Views |
438 |