nach oben

Erschienen in:

2021 | OriginalPaper | Buchkapitel

A Scalable, Real-Time Packet Capturing Solution

verfasst von : Rafael Oliveira, João P. Almeida, Isabel Praça, Rui Pedro Lopes, Tiago Pedrosa

Erschienen in: Optimization, Learning Algorithms and Applications

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The evolution of technology and the increasing connectivity between devices lead to an increased risk of cyberattacks. Good protection systems, such as Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), are essential in trying to prevent, detect and counter most of the attacks. However, the increasing creativity and type of attacks raise the need for more resources and processing power for the protection systems which, in turn, requires horizontal scalability to keep up with the massive companies’ network infrastructure and with the complexity of attacks. Technologies like machine learning, show promising results and can be of added value in the detection and prevention of attacks in real-time. But good algorithms and tools are not enough. They require reliable and solid datasets to be able to effectively train the protection systems. The development of a good dataset requires horizontal-scalable, robust, modular and fault-tolerance systems, so that the analyses may be done also in real-time. This paper describes an architecture for horizontal-scaling capture architecture, able to collect packets from multiple sources and prepared for real-time analysis. It depends on multiple modular nodes with specific roles to support different algorithms and tools.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Occupational Behaviour Study in the Retail Sector

Nächstes Kapitel Assessing Gamification Effectiveness in Education Through Analytics

Cordero, C.G., Hauke, S., Muhlhauser, M., Fischer, M.: Analyzing flow-based anomaly intrusion detection using Replicator Neural Networks. In: 2016 14th Annual Conference on Privacy, Security and Trust, PST 2016, pp. 317–324. Institute of Electrical and Electronics Engineers Inc. (2016). https://doi.org/10.1109/PST.2016.7906980

Swinhoe, D.: The 15 biggest data breaches of the 21st century. CSO Online (2021). https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html

Do, E.H., Gadepally, V.N.: Classifying anomalies for network security. In: Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), May 2020, vol. 2020, pp. 2907–2911. Institute of Electrical and Electronics Engineers Inc. (May 2020). https://doi.org/10.1109/ICASSP40776.2020.9053419

Emmerich, P., Pudelko, M., Gallenmüller, S., Carle, G.: FlowScope: efficient packet capture and storage in 100 Gbit/s networks. In: 2017 IFIP Networking Conference, IFIP Networking 2017 and Workshops, January 2018, vol. 2018, pp. 1–9. Institute of Electrical and Electronics Engineers Inc. (July 2017). https://doi.org/10.23919/IFIPNetworking.2017.8264852

Evermann, J., Rehse, J.R., Fettke, P.: Process discovery from event stream data in the cloud - a scalable, distributed implementation of the flexible heuristics miner on the Amazon kinesis cloud infrastructure. In: Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom, pp. 645–652. IEEE Computer Society (July 2016). https://doi.org/10.1109/CloudCom.2016.0111

Guo, Y.T., et al.: DPI & DFI: a malicious behavior detection method combining Deep Packet Inspection and Deep Flow inspection. Procedia Eng. 174, 1309–1314 (2017). https://doi.org/10.1016/j.proeng.2017.01.276CrossRef

Johnson, R.: 60 percent of small companies close within 6 months of being hacked (2019). https://cybersecurityventures.com/60-percent-of-small-companies-close-within-6-months-of-being-hacked/

Kent, E.: CD Projekt hit by “targeted cyber attack” (2021). https://www.eurogamer.net/articles/2021-02-09-cd-projekt-hit-by-targeted-cyber-attack

Lin, H., Yan, Z., Chen, Y., Zhang, L.: A survey on network security-related data collection technologies. IEEE Access 6, 18345–18365 (2018). https://doi.org/10.1109/ACCESS.2018.2817921CrossRef

10.

Vailsher, L.S.: Global IoT and non-IoT connections 2010–2025 (2021). https://www.statista.com/statistics/1101442/iot-number-of-connected-devices-worldwide/

11.

Longo, E., Redondi, A.E., Cesana, M.: Accurate occupancy estimation with WiFi and Bluetooth/BLE packet capture. Comput. Netw. 163, 106876 (2019). https://doi.org/10.1016/j.comnet.2019.106876CrossRef

12.

Lotfollahi, M., Jafari Siavoshani, M., Shirali Hossein Zade, R., Saberian, M.: Deep packet: a novel approach for encrypted traffic classification using deep learning. Soft. Comput. 24(3), 1999–2012 (2019). https://doi.org/10.1007/s00500-019-04030-2CrossRef

13.

Lysenko, S., Bobrovnikova, K., Shchuka, R., Savenko, O.: A cyberattacks detection technique based on evolutionary algorithms. In: 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies (DESSERT), pp. 127–132 (2020). https://doi.org/10.1109/DESSERT50317.2020.9125016

14.

Mousavi, S.H., Khansari, M., Rahmani, R.: A fully scalable big data framework for Botnet detection based on network traffic analysis. Inf. Sci. 512, 629–640 (2020). https://doi.org/10.1016/j.ins.2019.10.018CrossRef

15.

Pudukotai Dinakarrao, S.M., Sayadi, H., Makrani, H.M., Nowzari, C., Rafatirad, S., Homayoun, H.: Lightweight node-level malware detection and network-level malware confinement in IoT networks. In: Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019, pp. 776–781. Institute of Electrical and Electronics Engineers Inc. (May 2019). https://doi.org/10.23919/DATE.2019.8715057

16.

Roquero, P., Magaña, E., Leira, R., Aracil, J.: Performance evaluation of client-based traffic sniffing for very large populations. Comput. Netw. 166, 106985 (2020). https://doi.org/10.1016/j.comnet.2019.106985CrossRef

17.

Saini, P.S., Behal, S., Bhatia, S.: Detection of DDoS attacks using machine learning algorithms. In: Proceedings of the 7th International Conference on Computing for Sustainable Global Development, INDIACom 2020, pp. 16–21. Institute of Electrical and Electronics Engineers Inc. (March 2020). https://doi.org/10.23919/INDIACom49435.2020.9083716

18.

Sobers, R.: Data breach response times: trends and tips (2020). https://www.varonis.com/blog/data-breach-response-times/

19.

Jonathan, S., Jim, F.: Yahoo says all three billion accounts hacked in 2013 data theft. Reuters (2017). https://www.reuters.com/article/us-yahoo-cyber/yahoo-says-all-three-billion-accounts-hacked-in-2013-data-theft-idUSKCN1C82O1

20.

Worldometer: World Population Projections - Worldometer (2021). https://www.worldometers.info/world-population/world-population-projections/

Titel: A Scalable, Real-Time Packet Capturing Solution
verfasst von: Rafael Oliveira
João P. Almeida
Isabel Praça
Rui Pedro Lopes
Tiago Pedrosa
Verlag: Springer International Publishing
Buch: Optimization, Learning Algorithms and Applications
Print ISBN: 978-3-030-91884-2

Electronic ISBN: 978-3-030-91885-9

Copyright-Jahr: 2021
DOI: https://doi.org/10.1007/978-3-030-91885-9_46

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner